vip.disksusiangka.info Open in urlscan Pro
172.96.191.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vip.disksusiangka.info/
Effective URL:
https://vip.disksusiangka.info/
Submission: On February 06 via api (February 6th 2024, 9:13:34 pm UTC) from US — Scanned from SG

Summary HTTP 2935 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 73 domains to perform 2935 HTTP transactions. The main IP is 172.96.191.134, located in Singapore, Singapore and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is vip.disksusiangka.info.
TLS certificate: Issued by R3 on February 3rd 2024. Valid for: 3 months.

This is the only time vip.disksusiangka.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 148	172.96.191.134 172.96.191.134	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
139	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
88	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
305	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
151	2606:4700:10:... 2606:4700:10::6814:4f63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	142.4.219.198 142.4.219.198	16276 (OVH) (OVH)
20	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
29 556	85.187.128.38 85.187.128.38	55293 (A2HOSTING) (A2HOSTING)
171	158.69.254.144 158.69.254.144	16276 (OVH) (OVH)
62	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
32	172.96.191.132 172.96.191.132	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
129	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
122	13.224.249.72 13.224.249.72	16509 (AMAZON-02) (AMAZON-02)
19	18.155.68.81 18.155.68.81	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:303... 2606:4700:3036::6815:db7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c06::5f	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c1c::5f	15169 (GOOGLE) (GOOGLE)
16	108.156.133.109 108.156.133.109	16509 (AMAZON-02) (AMAZON-02)
63	2606:4700:20:... 2606:4700:20::681a:d3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17 25	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
11 11	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
7 27	52.77.105.252 52.77.105.252	16509 (AMAZON-02) (AMAZON-02)
1 5	23.207.181.216 23.207.181.216	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::6816:3262	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	108.157.254.84 108.157.254.84	16509 (AMAZON-02) (AMAZON-02)
3 45	54.245.71.27 54.245.71.27	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:303... 2606:4700:3036::ac43:a392	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12 72	3.93.89.138 3.93.89.138	14618 (AMAZON-AES) (AMAZON-AES)
6	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
4 4	13.224.249.16 13.224.249.16	16509 (AMAZON-02) (AMAZON-02)
3 3	74.125.130.155 74.125.130.155	15169 (GOOGLE) (GOOGLE)
3 3	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 2	34.102.166.132 34.102.166.132	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8 8	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
7 7	103.43.90.21 103.43.90.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2001:df2:a300... 2001:df2:a300:bbbb::136	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	3.66.124.228 3.66.124.228	16509 (AMAZON-02) (AMAZON-02)
4 4	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 2	3.214.45.232 3.214.45.232	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550a:894d:5a43:421:a533	14618 (AMAZON-AES) (AMAZON-AES)
1	108.156.133.90 108.156.133.90	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1 1	174.129.90.144 174.129.90.144	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.76.19.218 35.76.19.218	16509 (AMAZON-02) (AMAZON-02)
1	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1	52.187.52.94 52.187.52.94	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.27.127.217 52.27.127.217	16509 (AMAZON-02) (AMAZON-02)
1 2	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 1	2600:9000:275... 2600:9000:2753:4a00:1a:609a:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
2 36	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
33 33	35.230.38.116 35.230.38.116	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
34	52.39.166.89 52.39.166.89	16509 (AMAZON-02) (AMAZON-02)
1 2	34.232.140.51 34.232.140.51	14618 (AMAZON-AES) (AMAZON-AES)
1	35.162.162.179 35.162.162.179	16509 (AMAZON-02) (AMAZON-02)
1 1	3.160.188.29 3.160.188.29	16509 (AMAZON-02) (AMAZON-02)
2 2	54.95.222.155 54.95.222.155	16509 (AMAZON-02) (AMAZON-02)
1 1	51.158.28.82 51.158.28.82	12876 (Online SAS) (Online SAS)
1 2	212.83.160.162 212.83.160.162	12876 (Online SAS) (Online SAS)
2 6	185.84.60.23 185.84.60.23	198622 (ADFORM) (ADFORM)
46	99.83.181.31 99.83.181.31	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:303... 2606:4700:3036::ac43:8f7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	54.251.140.206 54.251.140.206	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	13.227.254.7 13.227.254.7	16509 (AMAZON-02) (AMAZON-02)
2 2	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3033::6815:e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2935	53

148 172.96.191.134 (Singapore, Singapore) 8 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.134-static.reverse.arandomserver.com

vip.disksusiangka.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.badutprediction.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zona-bermain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

139 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

88 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

305 2404:6800:4003:c03::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

151 2606:4700:10::6814:4f63 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.4.219.198 (Canada)

ASN16276 (OVH, FR)
PTR: ns5000868.ip-142-4-219.net

s4is.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

556 85.187.128.38 (Singapore, Singapore) 29 redirects

ASN55293 (A2HOSTING, US)
PTR: sg1-tr1.supercp.com

vip.pangkalanhdgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.zona88.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bungaprediction.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.zonaprediction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.zonafantasi.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.poltar2d.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w1.bungaprediction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

171 158.69.254.144 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns548341.ip-158-69-254.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 172.96.191.132 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.132-static.reverse.arandomserver.com

vip.roomangkasa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.velbettgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

129 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

122 13.224.249.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-72.sin52.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 18.155.68.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-81.sin52.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3036::6815:db7 (United States)

ASN13335 (CLOUDFLARENET, US)

rankcrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c06::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c1c::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 108.156.133.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-133-109.sin2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2606:4700:20::681a:d3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 141.94.171.213 (France) 17 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 15.197.193.217 (Seattle, United States) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 52.77.105.252 (Singapore, Singapore) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.207.181.216 (Singapore, Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-216.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3262 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 108.157.254.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-254-84.sin2.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 54.245.71.27 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-71-27.us-west-2.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::ac43:a392 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 3.93.89.138 (Ashburn, United States) 12 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-89-138.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.249.16 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-16.sin52.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.130.155 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (Tokyo, Japan) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.166.132 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.tpmn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.95.33.120 (Germany) 8 redirects

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.43.90.21 (Singapore, Singapore) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:a300:bbbb::136 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.124.228 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-124-228.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.214.45.232 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-45-232.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550a:894d:5a43:421:a533 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.133.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-133-90.sin2.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.90.144 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-90-144.compute-1.amazonaws.com

pixel.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.76.19.218 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-19-218.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.187.52.94 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.127.217 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-127-217.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2753:4a00:1a:609a:6780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 35.230.38.116 (The Dalles, United States) 33 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 52.39.166.89 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-166-89.us-west-2.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.140.51 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-140-51.compute-1.amazonaws.com

tag.crsspxl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.162.162.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-162-179.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.188.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-160-188-29.mrs52.r.cloudfront.net

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.95.222.155 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-222-155.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.28.82 (Paris, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: online-prod.ipsfailover.com

map.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.83.160.162 (Dordives, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: online-prod.ipsfailover.com

map.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.84.60.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::ac43:8f7f (United States)

ASN13335 (CLOUDFLARENET, US)

opesia.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.251.140.206 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.254.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-7.sin52.r.cloudfront.net

cdn.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.126.19 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:e31 (United States)

ASN13335 (CLOUDFLARENET, US)

dtsedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
395	poltar2d.info 28 redirects vip.poltar2d.info	4 MB
340	histats.com s10.histats.com — Cisco Umbrella Rank: 14576 s4is.histats.com — Cisco Umbrella Rank: 634486 s4.histats.com — Cisco Umbrella Rank: 14129	954 KB
305	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12324	166 MB
237	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5021 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6723 data-beacons.s-onetag.com — Cisco Umbrella Rank: 14306 connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 5129	803 KB
139	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	2 MB
129	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 16248 t.dtscout.com — Cisco Umbrella Rank: 13665	198 KB
125	badutprediction.info 7 redirects vip.badutprediction.info	2 MB
92	zonaprediction.com vip.zonaprediction.com	955 KB
88	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	3 MB
80	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 671 ce.lijit.com — Cisco Umbrella Rank: 859 cdn.lijit.com	65 KB
73	liadm.com 12 redirects i.liadm.com — Cisco Umbrella Rank: 550 i6.liadm.com — Cisco Umbrella Rank: 2884	41 KB
63	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14516	27 KB
62	w.org s.w.org — Cisco Umbrella Rank: 3198	36 KB
43	crwdcntrl.net 7 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 sync.crwdcntrl.net — Cisco Umbrella Rank: 853 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	172 KB
42	bungaprediction.top bungaprediction.top	140 KB
36	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349	7 KB
33	simpli.fi 33 redirects um.simpli.fi — Cisco Umbrella Rank: 856	13 KB
25	onaudience.com 17 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3060	9 KB
24	velbettgroup.com vip.velbettgroup.com	53 KB
20	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2022	82 KB
14	zona88.top 1 redirects vip.zona88.top	125 KB
13	disksusiangka.info 1 redirects vip.disksusiangka.info	125 KB
11	adsrvr.org 11 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	4 KB
10	zona-bermain.com zona-bermain.com	6 MB
8	id5-sync.com 8 redirects id5-sync.com — Cisco Umbrella Rank: 425	11 KB
8	roomangkasa.top vip.roomangkasa.top	20 KB
7	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1074	4 KB
7	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490	7 KB
7	zonafantasi.info vip.zonafantasi.info	17 KB
6	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 3041	1 KB
6	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	2 KB
6	rankcrack.com rankcrack.com	8 KB
5	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 940 tags.bluekai.com — Cisco Umbrella Rank: 727	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	91 KB
4	opesia.vip opesia.vip — Cisco Umbrella Rank: 631355	5 KB
4	everesttech.net 4 redirects rtd-tm.everesttech.net — Cisco Umbrella Rank: 3124 sync-tm.everesttech.net — Cisco Umbrella Rank: 716	995 B
4	smadex.com 4 redirects cm.smadex.com — Cisco Umbrella Rank: 3096	2 KB
4	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 22509	2 KB
4	bungaprediction.com w1.bungaprediction.com	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	2 KB
3	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260	938 B
2	dtsedge.com dtsedge.com — Cisco Umbrella Rank: 53979	751 B
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	568 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	154 KB
2	sddan.com 1 redirects map.sddan.com — Cisco Umbrella Rank: 16487	2 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	1 KB
2	crsspxl.com 1 redirects tag.crsspxl.com — Cisco Umbrella Rank: 5357	702 B
2	aidata.io 1 redirects x01.aidata.io — Cisco Umbrella Rank: 14168	942 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5392	1 KB
2	thrtle.com 1 redirects thrtle.com — Cisco Umbrella Rank: 1397	670 B
2	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2267	806 B
2	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3325
2	pangkalanhdgroup.com vip.pangkalanhdgroup.com	5 KB
1	cookieless-data.com 1 redirects map.cookieless-data.com — Cisco Umbrella Rank: 16546	666 B
1	adswizz.com 1 redirects synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2704	427 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1144	535 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 451	331 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 477	674 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 544	655 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 784	44 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 9630	543 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1531	299 B
1	shareaholic.com 1 redirects pixel.shareaholic.com — Cisco Umbrella Rank: 26442	512 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 646	404 B
1	userreport.com audex.userreport.com — Cisco Umbrella Rank: 4929	432 B
1	sharethis.com 1 redirects sync.sharethis.com — Cisco Umbrella Rank: 2756	607 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1381	444 B
1	tpmn.io ad.tpmn.io — Cisco Umbrella Rank: 4220	617 B
1	tpmn.co.kr 1 redirects ad.tpmn.co.kr — Cisco Umbrella Rank: 3950	287 B
0	btrll.com Failed geo-um.btrll.com Failed
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	mrtnsvr.com Failed ad.mrtnsvr.com Failed
0	zona-angka.top Failed zona-angka.top Failed
2935	73

	Domain	Requested by
395	vip.poltar2d.info	28 redirects vip.zonaprediction.com vip.poltar2d.info
305	blogger.googleusercontent.com	vip.disksusiangka.info vip.zona88.top vip.badutprediction.info vip.zonaprediction.com vip.poltar2d.info
171	s4.histats.com	s10.histats.com
151	s10.histats.com	vip.disksusiangka.info vip.pangkalanhdgroup.com vip.zona88.top bungaprediction.top vip.badutprediction.info s10.histats.com vip.zonaprediction.com vip.zonafantasi.info vip.roomangkasa.top vip.poltar2d.info w1.bungaprediction.com vip.velbettgroup.com
139	cdn.jsdelivr.net	vip.disksusiangka.info vip.zona88.top vip.badutprediction.info vip.zonaprediction.com vip.poltar2d.info
125	vip.badutprediction.info	7 redirects vip.disksusiangka.info vip.badutprediction.info
122	get.s-onetag.com	e.dtscout.com get.s-onetag.com
92	vip.zonaprediction.com	vip.badutprediction.info vip.zonaprediction.com
88	maxcdn.bootstrapcdn.com	vip.disksusiangka.info maxcdn.bootstrapcdn.com vip.zona88.top vip.badutprediction.info vip.zonaprediction.com vip.poltar2d.info
72	i.liadm.com	12 redirects vip.zona88.top vip.zonafantasi.info vip.zonaprediction.com vip.badutprediction.info vip.poltar2d.info
67	e.dtscout.com	s4.histats.com
63	t.dtscdn.com	e.dtscout.com
62	t.dtscout.com	e.dtscout.com
62	s.w.org	vip.zona88.top vip.poltar2d.info vip.badutprediction.info
50	data-beacons.s-onetag.com	get.s-onetag.com
46	connect-metrics-collector.s-onetag.com	get.s-onetag.com
45	ap.lijit.com	3 redirects vip.disksusiangka.info get.s-onetag.com
42	bungaprediction.top	vip.pangkalanhdgroup.com vip.zona88.top bungaprediction.top vip.zonafantasi.info vip.roomangkasa.top vip.velbettgroup.com
36	px.ads.linkedin.com	2 redirects vip.disksusiangka.info vip.zona88.top vip.zonafantasi.info vip.zonaprediction.com vip.badutprediction.info vip.poltar2d.info
34	ce.lijit.com	vip.disksusiangka.info vip.zona88.top vip.zonafantasi.info vip.zonaprediction.com vip.badutprediction.info vip.poltar2d.info
33	um.simpli.fi	33 redirects
25	pixel.onaudience.com	17 redirects e.dtscout.com vip.zonafantasi.info bcp.crwdcntrl.net
24	vip.velbettgroup.com	vip.poltar2d.info
20	secure.gravatar.com	vip.disksusiangka.info vip.badutprediction.info vip.poltar2d.info
19	onetag-geo.s-onetag.com	get.s-onetag.com
18	s4is.histats.com	vip.disksusiangka.info vip.zona88.top vip.badutprediction.info vip.zonaprediction.com
16	sync.crwdcntrl.net	5 redirects bcp.crwdcntrl.net
16	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
14	vip.zona88.top	1 redirects vip.disksusiangka.info vip.zona88.top
13	vip.disksusiangka.info	1 redirects vip.disksusiangka.info
11	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net bcp.crwdcntrl.net
11	match.adsrvr.org	11 redirects
10	zona-bermain.com	vip.zona88.top vip.badutprediction.info
8	id5-sync.com	8 redirects
8	vip.roomangkasa.top	vip.badutprediction.info
7	ps.eyeota.net	1 redirects vip.disksusiangka.info
7	vip.zonafantasi.info	vip.zonaprediction.com
6	dmp.adform.net	2 redirects bcp.crwdcntrl.net
6	dis.criteo.com	vip.disksusiangka.info vip.zona88.top
6	rankcrack.com	w1.bungaprediction.com rankcrack.com ajax.googleapis.com
5	secure.adnxs.com	5 redirects
4	opesia.vip	w1.bungaprediction.com code.jquery.com
4	cm.smadex.com	4 redirects
4	a.dtssrv.com	e.dtscout.com
4	stags.bluekai.com	vip.disksusiangka.info bungaprediction.top vip.pangkalanhdgroup.com
4	w1.bungaprediction.com	vip.poltar2d.info vip.badutprediction.info
3	sync-tm.everesttech.net	3 redirects
3	x.bidswitch.net	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	ajax.googleapis.com	rankcrack.com vip.poltar2d.info
2	dtsedge.com	e.dtscout.com
2	code.jquery.com	opesia.vip
2	map.sddan.com	1 redirects bcp.crwdcntrl.net
2	match.prod.bidr.io	2 redirects
2	tag.crsspxl.com	1 redirects bcp.crwdcntrl.net
2	x01.aidata.io	1 redirects bcp.crwdcntrl.net
2	pool.admedo.com	2 redirects
2	thrtle.com	1 redirects bcp.crwdcntrl.net
2	ib.adnxs.com	2 redirects
2	fei.pro-market.net	1 redirects bcp.crwdcntrl.net
2	spl.zeotap.com	vip.disksusiangka.info bcp.crwdcntrl.net
2	fonts.googleapis.com	rankcrack.com
2	vip.pangkalanhdgroup.com	vip.disksusiangka.info vip.zona88.top
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	cdn.lijit.com	vip.disksusiangka.info
1	map.cookieless-data.com	1 redirects
1	synchroscript.deliveryengine.adswizz.com	1 redirects
1	jadserve.postrelease.com	bcp.crwdcntrl.net
1	idsync.rlcdn.com	bcp.crwdcntrl.net
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	aa.agkn.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	loadus.exelator.com	bcp.crwdcntrl.net
1	pixel.shareaholic.com	1 redirects
1	trc.taboola.com	bcp.crwdcntrl.net
1	audex.userreport.com	bcp.crwdcntrl.net
1	i6.liadm.com	bcp.crwdcntrl.net
1	tags.bluekai.com	1 redirects
1	rtd-tm.everesttech.net	1 redirects
1	sync.sharethis.com	1 redirects
1	d.turn.com	1 redirects
1	ad.tpmn.io	bcp.crwdcntrl.net
1	ad.tpmn.co.kr	1 redirects
0	geo-um.btrll.com Failed	bcp.crwdcntrl.net
0	sync.search.spotxchange.com Failed	bcp.crwdcntrl.net
0	ad.mrtnsvr.com Failed	bcp.crwdcntrl.net
0	zona-angka.top Failed	vip.badutprediction.info vip.poltar2d.info
2935	89

This site contains links to these domains. Also see Links.

Domain
punyadunia.com
hitamdia.com
idehebat.com
xn--hy1bu3c96bmw0c.com
konsepterbalik.com
obral87.com
serba5kali.com
terbalikdiskon.com
cicaksukses.com
berkatbaik.com
xn--2o2b17yoct94ecia.com
xn--zs5brxj7u.com
ffsukses.com
xn--hg4bo4jmcp8e.com
xn--om2b1fu9h4rpdrq.com
kudasatu.com
xn--i89aqf47kdvhukv.com
xn--oy2b17nw6bbqq49a.com
domainbett.com
nagamaswin.com
vip.velbettgroup.com
vip.zonafantasi.info
vip.egaagroup.top
vip.roomangkasa.top
vip.pangkalanhdgroup.com
vip.zonapools.info
vip.badutprediction.info
vip.track-invest.top
app.track-2d.info
vip.poltar2d.info
vip.gubukprediktor.info
w1.bungaprediction.com
zona-bermain.com
vip.zonaprediction.top
vip.markas-prediktor.info
vip.kaptenoleng.com
vip.ratuprediction.top
vip.zona88.top
kaptenoleng.info
www.histats.com
ronangelo.com

Subject Issuer	Validity	Valid
www.vip.disksusiangka.info R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
vip.pangkalanhdgroup.com R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
www.vip.badutprediction.info R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
www.vip.zona88.top R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
webdisk.markas-prediktor.info R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
www.zona-bermain.com.gubukprediction.com R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
www.vip.roomangkasa.top R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
www.vip.zonaprediction.com R3	`2024-02-01` - `2024-05-01`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
vip.zonafantasi.info R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
www.vip.poltar2d.info R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
gubukprediction.top R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
vip.velbettgroup.com R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
rankcrack.com GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
*.onaudience.com Go Daddy Secure Certificate Authority - G2	`2023-03-28` - `2024-04-28`	a year	crt.sh
dtssrv.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-10-19` - `2024-11-16`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-12-26` - `2024-06-26`	6 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
opesia.vip GTS CA 1P5	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
dtsedge.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh

This page contains 142 frames:

Primary Page: https://vip.disksusiangka.info/
Frame ID: 2E1E1197031A0EBF38E4B13840D8C491
Requests: 64 HTTP requests in this frame

Frame: https://vip.pangkalanhdgroup.com/poltar.php
Frame ID: 63A15E03EC29C7D8254AF7E17F6782EA
Requests: 36 HTTP requests in this frame

Frame: https://vip.badutprediction.info/
Frame ID: 43CCBB7B82E41F2AF383D9719C656B50
Requests: 42 HTTP requests in this frame

Frame: https://vip.zona88.top/kalkulator-invest/
Frame ID: DD1E9AD1382F183FD9186A1D70127A4E
Requests: 62 HTTP requests in this frame

Frame: https://bungaprediction.top/hitung.php
Frame ID: CEBCBC81CB3B38940DDDF6B582995054
Requests: 23 HTTP requests in this frame

Frame: https://vip.pangkalanhdgroup.com/poltar.php
Frame ID: 51880EA17712D6C0082D1C2D6025951C
Requests: 21 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: 6B8132CBC8A44F28FBA6081F794CF3D7
Requests: 23 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: B318BAEB3410398FB228DD0D16CB05E8
Requests: 59 HTTP requests in this frame

Frame: https://vip.badutprediction.info/jalur-shio/
Frame ID: D3E503EBC1E1DB94188674A126727E56
Requests: 41 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: E344DE2F43C6CE482D75A2CF63703A19
Requests: 54 HTTP requests in this frame

Frame: https://vip.poltar2d.info/live-china/
Frame ID: AB2A784E1F9B209F807702C9FBEFE5B5
Requests: 60 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: C4637DF0C0340CD1F4FC503814556D62
Requests: 18 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: 86D0312B1780C3519086ACABBA5FC38C
Requests: 55 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01707253979FD08C0654459DC447A
Frame ID: 3DB819FE53B6C46D242234AFC1E9EF77
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01707253979BCFF8072BEF59FBE4F
Frame ID: 37D0FFB51FA27D849C75140FB6325A56
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01707253979BCFF8072BEF59FBE4F
Frame ID: E9637C32F5AF0A193EA9B3D8742AF72E
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01707253979BCFF8072BEF59FBE4F
Frame ID: 213359046241FB1638ED92CFD7F18CE1
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01707253979BCFF8072BEF59FBE4F
Frame ID: FAB53822844F5D31045628C54A4F3861
Requests: 1 HTTP requests in this frame

Frame: https://vip.badutprediction.info/prediksi-sydney/
Frame ID: DE84C1E8FFD49574F28E8A3F9505C3B4
Requests: 44 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livechina.php
Frame ID: 0B176CA68129D4E54F7C459629276761
Requests: 17 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 2FCB33D0E78C4E5C6A1EEB2289A2A5D6
Requests: 18 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-japan/
Frame ID: 749B772D2E2414AB12B9AE74FCA68578
Requests: 60 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: 538B655107DBB0BC06F3FE986D70F91C
Requests: 36 HTTP requests in this frame

Frame: https://rankcrack.com/live-draw-china.php
Frame ID: D70A03B81A6D13361327D4401D61CE93
Requests: 5 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-taiwan/
Frame ID: D157C6C177E01CDBD4983218D358A676
Requests: 60 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 8C8AF9D39761DEC9D160A222D1385175
Requests: 16 HTTP requests in this frame

Frame: https://vip.poltar2d.info/prediksi-sydney/
Frame ID: 874B78EDEC76DDCF14A7150C47F3F947
Requests: 64 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 283A72A177ACC4F8F36A77D53D5A28B1
Requests: 16 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: C51B5A3775F8338BDD1B203A2219151E
Requests: 16 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: 039FB609295B22A6CB3B4A8BCEDC345E
Requests: 54 HTTP requests in this frame

Frame: https://vip.poltar2d.info/prediksi-hongkong/
Frame ID: E86F4CC0921247F8982D6E2B099466C1
Requests: 70 HTTP requests in this frame

Frame: https://vip.badutprediction.info/prediksi-taiwan/
Frame ID: 0F3C8AD75E40D1CD9B38497435FC87BC
Requests: 41 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 744A20B5533EDF9293376B0E5770E7D3
Requests: 1 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: FBEB7A89B4DBAC5D79CED73C37E4D8AB
Requests: 31 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-taiwan/
Frame ID: 6C183C520DB795D13FCEBD7E10AB5CFB
Requests: 58 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 520A523C54DF9AAAED0EBE4707882DEE
Requests: 24 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: 25C06FAF9E90270C0B86E6477767573A
Requests: 16 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: 28B5EF509FAAD5C2369F50BEE5CA5EED
Requests: 54 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: D426AD5956736C3EA0C5DAE049D9391D
Requests: 16 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 45F4E23A86EFC489048F116246CBBA0B
Requests: 1 HTTP requests in this frame

Frame: https://vip.badutprediction.info/jalur-shio/
Frame ID: 98858F568C1EA3C7C2A0206786BDD125
Requests: 38 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 799A39A511D81D048A91E273CCCE910D
Requests: 14 HTTP requests in this frame

Frame: https://vip.poltar2d.info/buku-mimpi-4d/
Frame ID: EF1B6F7AA76722814E1472DE1170FE0B
Requests: 53 HTTP requests in this frame

Frame: https://vip.poltar2d.info/buku-mimpi-4d/
Frame ID: 0E2ADA0B925EE863B78B70DDCD3B3267
Requests: 53 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: 4AEBC560AF7DCCB9B1A72BECD2C4AA33
Requests: 28 HTTP requests in this frame

Frame: https://vip.poltar2d.info/generator-angka/
Frame ID: 6BD6881F9D335A3888E5A3240E98EEF4
Requests: 52 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=113%2C158%2C156%2C86%2C132%2C121%2C140%2C2&b=1164465%2C1163901%2C1162267%2C1163897&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: C358255366C0016122CA036A5D6163A3
Requests: 13 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 7DB2D8C47B76158FE8A212353BADEE23
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 3AE51ABFBA74882D47BFC0FE93586580
Requests: 2 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 8B6DB26D8D8840C5A6FFC6582F41143A
Requests: 11 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: CE9CE6F8A08BD0846B2933C0578D7088
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 677DA234504ACC4FF00D06C9171C8649
Requests: 2 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: 5ED2C716A18B86B8563633CF03738F40
Requests: 11 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: 8473C18B5691E010DCE29661DCBDB408
Requests: 50 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-japan/
Frame ID: 6972C55D043A362343B51A81976CF18E
Requests: 54 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: F32C921E16A56315B82CE8B4D4708A28
Requests: 1 HTTP requests in this frame

Frame: https://vip.badutprediction.info/live-sydney/
Frame ID: 239446102A8F33BBA808D85EB8590F8D
Requests: 34 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: F6620E332A15BBCDEB60FBB6C54C5E2F
Requests: 11 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 0741D7B9F303A7AC3D9EDE03FE65DD73
Requests: 11 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-taiwan/
Frame ID: 34D9914A4CC7A11177D51CBA3FAF7295
Requests: 54 HTTP requests in this frame

Frame: https://vip.poltar2d.info/pola-dasar/
Frame ID: 60E5F56B0CFE8BE92CB6514BCA446B75
Requests: 52 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 3D2887106A8808B3A1CBAAB0D35DB32E
Requests: 10 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-cambodia/
Frame ID: E5670739D3BF9BF170174CCBDD2356FE
Requests: 53 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 76A62201A304155BCB549ADDBBD276B7
Requests: 2 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: B6394E27E4DB479127F560A72F041F06
Requests: 26 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livesd.php
Frame ID: 1C500F198C211312AA4A4D315877D1C0
Requests: 9 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: FAAFEFC2AEA1E60C840F7331EC510723
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/buku-mimpi-2d/
Frame ID: 2407376D53C76759D237845B85BEC554
Requests: 50 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livesydney.php
Frame ID: EEF1B2FEDB9A814C939D78792726931C
Requests: 9 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: 6BB287A56AACD218629C3DE20CF66DD7
Requests: 9 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: AC9B558AD67C0E84CA8A977238BB56B4
Requests: 47 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 0C7BFE41A7F72698CFFB3A74813EB2DC
Requests: 2 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: E241388F41B07DC8615C24CD861F83D5
Requests: 9 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: F7FB6551999461D3B7C008DE348C873B
Requests: 1 HTTP requests in this frame

Frame: https://vip.badutprediction.info/rekap-angka-ct/
Frame ID: D186ACF39BD035C3D492A5BCF5216258
Requests: 30 HTTP requests in this frame

Frame: https://opesia.vip/iframe-live/livesydney2.php/
Frame ID: BEA48882719A8423A83C76B2B4085B8E
Requests: 3 HTTP requests in this frame

Frame: https://vip.poltar2d.info/prediksi-china/
Frame ID: 0DB30E99EF4C2C1AE810C74541267806
Requests: 50 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 4672DBF1A1CE51FFEB9500AA85459A26
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: F711777E573A0C9A146FB46C85A06D29
Requests: 2 HTTP requests in this frame

Frame: https://opesia.vip/iframe-live/livesydney2.php/
Frame ID: A3AF599C4D8C82F9BBD941F03162E8BC
Requests: 3 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 6DA1DEFBC3614C7DCB002F564C704995
Requests: 9 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 85D351EB7B1A477E80E12526B950A6C3
Requests: 9 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 0479AACFFA69EBD9DE3D765E04139BF4
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/rekap-angka-3d/
Frame ID: 5B15AAF8B17495974160C2E14F533270
Requests: 47 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: E969BD086045C0CA604CEB52833BB67A
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/live-china/
Frame ID: 74E9BB980174A8A17979E23940CB38B0
Requests: 46 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: DF4BE026E569D2F66AEFF4902C3A17CF
Requests: 6 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 308AE7FF250397D2AFA29BF8FDD4630A
Requests: 6 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: 355DA9A5BEA9F9350F7F9532AD1BE0E8
Requests: 22 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: C5A197C8135E9C41E03E030A2E5E623F
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/buku-mimpi-2d/
Frame ID: BF220B45EA26A93FE4BFDFF2666FF2E0
Requests: 46 HTTP requests in this frame

Frame: https://vip.poltar2d.info/generator-line-angka/
Frame ID: 0DB624BD9AB3D59054CC675CEA8ED839
Requests: 45 HTTP requests in this frame

Frame: https://vip.poltar2d.info/prediksi-sydney/
Frame ID: A20E948C990AA0A48BD2923752B9E113
Requests: 45 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 77A9E0D6AE3BFD805E492439946E78E9
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 4EF32CC52327520111D673885E3A8F4B
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 6CD52F5BCBE274BA34D2240D51B6E003
Requests: 2 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: B346F969765D7E86F9E1E6CD10DFB790
Requests: 6 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: 540627D7A74A4F333DB3EC78D5901759
Requests: 6 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: 8A1B638FA544FC40704ADBC6D4165122
Requests: 42 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 7DDCC557C87F3040E22BB4269A886715
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/pola-dasar/
Frame ID: 2E166420E5AD83E2F75ACDB7B43E3461
Requests: 43 HTTP requests in this frame

Frame: https://vip.badutprediction.info/buku-mimpi-2d/
Frame ID: 877C20E89444919CF50F9C21D847B59A
Requests: 25 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 79D3D75A2848C4993B3549B1DEC470A7
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 1145633B7E081C02DE016E1C66C567C3
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: CFCFE9367B263DEA45B0A932180DDEA9
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 6C190990F327A0C4F68887D724134D6E
Requests: 2 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livechina.php
Frame ID: 93D8F302FDA130F9E6667007F9EB97F7
Requests: 5 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: B99888D1B56BB5807F4963845D38F5DC
Requests: 4 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 7E5DE81EEBD25885BB5A3ADA5CBA67EE
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 67D91ABA1C6FFED8A85681C7C3D024FA
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/pola-dasar/
Frame ID: 3C5B60EECA5B8E49A872C7402215591A
Requests: 41 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 78F2FF2BFC61B49393E4070323950F68
Requests: 4 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 5445C29E4FE2EF09143305BF2B17A570
Requests: 4 HTTP requests in this frame

Frame: https://rankcrack.com/live-draw-china.php
Frame ID: 3F9A834FA39583CEC8F708919464CD16
Requests: 5 HTTP requests in this frame

Frame: https://vip.poltar2d.info/generator-angka/
Frame ID: 58AFE1D4F0F1F4A42BE49D359FDFFF63
Requests: 40 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 58845182DF8399B5D0BECAC4A83A1F10
Requests: 3 HTTP requests in this frame

Frame: https://vip.poltar2d.info/pola-dasar/
Frame ID: 3BD7D71BCB3BA8A0AAAF943ED31ACD8B
Requests: 41 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: 4E41250CED47D1D13B0224D6E36DBE31
Requests: 3 HTTP requests in this frame

Frame: https://vip.poltar2d.info/prediksi-sydney/
Frame ID: E47C325F99FE8C1B56FAE7904CF6D0BD
Requests: 42 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: BD6680331F8DBD9F220612C9C51CB894
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: CDAF551F412B6E601116D7FA14007B67
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: E3D5F5F2E21B511811341EB4CEC28A8B
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/generate-bbfs/
Frame ID: 6A5694C0E77BC14C2E81EC663D1120D9
Requests: 38 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: 2A8FC41401C034B72D476FD4CF5627D4
Requests: 3 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: 2D0704A4C7CAA6E9F3E73226A76ACC77
Requests: 37 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 513F4D859B92E2B229E85B56A4AFBEA2
Requests: 3 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: D67E75FAFEA7D86CD434E38450BB726E
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 22AF486BD1E92B9018548D93C69EA173
Requests: 2 HTTP requests in this frame

Frame: https://vip.badutprediction.info/prediksi-china/
Frame ID: A7A4B412C70559ABB587342D2B100B03
Requests: 19 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 8661A5816FCF8BEA4C64832EEB239C68
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/rekap-on-of/
Frame ID: A2D6EB822B770C2B71942925C4578498
Requests: 38 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: E9A712681EF26F4521297829B396251F
Requests: 2 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 7AFD1D54FDC63FF4C525D5CA22DEDA96
Requests: 2 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 30AD4DE1E4F9EF25F07D66B9697BD617
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/rekap-angka-3d/
Frame ID: C450C0AB8346C0614EAABA0CB805BFC1
Requests: 38 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 05DF3B280024C4CB9F43ACE9B200DB48
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 2DA83FB0F3E54B24CE6475BB52063B53
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-china/
Frame ID: 62C1AE2427B9678FEADC6DAB567DE7D1
Requests: 29 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-sydney/
Frame ID: A805C242AADF3D8D844C051E6F2CFAEE
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: E7EA256899F8163C6E6F1F4CDEBFF0B9
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: C32E9E9F04957FF9450D7D70432A12BA
Requests: 1 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 201065051876FA7AEC9E2CF8BE719C01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DISKUSI ANGKA TOP – TEMPAT BERKUMPUL NYA PARA PREDIKTOR

Page URL History Show full URLs

http://vip.disksusiangka.info/ HTTP 301
https://vip.disksusiangka.info/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

2935
Requests

78 %
HTTPS

30 %
IPv6

73
Domains

89
Subdomains

53
IPs

9
Countries

191752 kB
Transfer

307185 kB
Size

84
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: http://punyadunia.com/?memberwap=bungaku88

Search URL Search Domain Scan URL

URL: http://hitamdia.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://idehebat.com/?memberwap=teamsupersonix

Search URL Search Domain Scan URL

URL: http://xn--hy1bu3c96bmw0c.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://konsepterbalik.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://obral87.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://serba5kali.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://terbalikdiskon.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://cicaksukses.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://berkatbaik.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://xn--2o2b17yoct94ecia.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://xn--zs5brxj7u.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://ffsukses.com/?memberwap=ratan88

Search URL Search Domain Scan URL

URL: http://xn--hg4bo4jmcp8e.com/?memberwap=ratan88

Search URL Search Domain Scan URL

URL: http://xn--om2b1fu9h4rpdrq.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://kudasatu.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://xn--i89aqf47kdvhukv.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://xn--oy2b17nw6bbqq49a.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: https://domainbett.com/register?ref=bungaku88

Search URL Search Domain Scan URL

URL: https://nagamaswin.com/?ref=bunga88

Search URL Search Domain Scan URL

URL: https://vip.velbettgroup.com/
Title: VELBETT GROUP

Search URL Search Domain Scan URL

URL: https://vip.zonafantasi.info/
Title: ZONA FANTASI

Search URL Search Domain Scan URL

URL: https://vip.egaagroup.top/
Title: EGAA GROUP

Search URL Search Domain Scan URL

URL: https://vip.roomangkasa.top/
Title: ROOM ANGKASA

Search URL Search Domain Scan URL

URL: https://vip.pangkalanhdgroup.com/
Title: PANGKALAN HD

Search URL Search Domain Scan URL

URL: https://vip.zonapools.info/
Title: ZONAPOOLS

Search URL Search Domain Scan URL

URL: https://vip.badutprediction.info/
Title: BADUT PREDICTION

Search URL Search Domain Scan URL

URL: https://vip.track-invest.top/
Title: TRACK INVES

Search URL Search Domain Scan URL

URL: https://app.track-2d.info/
Title: TRACK 2D

Search URL Search Domain Scan URL

URL: https://vip.poltar2d.info/
Title: POLTAR 2D

Search URL Search Domain Scan URL

URL: https://vip.gubukprediktor.info/
Title: GUBUK PREDICTION

Search URL Search Domain Scan URL

URL: https://w1.bungaprediction.com/
Title: BUNGA PREDICTION

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/
Title: ZONA BERMAIN

Search URL Search Domain Scan URL

URL: https://vip.zonaprediction.top/
Title: ZONA PREDICTION

Search URL Search Domain Scan URL

URL: https://vip.markas-prediktor.info/
Title: MARKAS PREDIKTOR

Search URL Search Domain Scan URL

URL: https://vip.kaptenoleng.com/
Title: KAPTEN OLENG

Search URL Search Domain Scan URL

URL: https://vip.ratuprediction.top/
Title: RATU PREDICTION

Search URL Search Domain Scan URL

URL: https://vip.zona88.top/
Title: ZONA 88

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-lengkap/
Title: PAITO WARNA LENGKAP

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-cambodia/
Title: PAITO WARNA CAMBODIA

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-sydney
Title: PAITO WARNA SYDNEY

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-japan/
Title: PAITO WARNA JAPAN

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-singapore/
Title: PAITO WARNA SINGAPORE

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-china/
Title: PAITO WARNA CHINA

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-taiwan/
Title: PAITO WARNA TAIWAN

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-hongkong/
Title: PAITO WARNA HONGKONG

Search URL Search Domain Scan URL

URL: https://kaptenoleng.info/
Title: zona.hoky88@gmail.com

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=4710812&ccid=3023

Search URL Search Domain Scan URL

URL: https://ronangelo.com/asteroid/
Title: Asteroid Theme

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vip.disksusiangka.info/ HTTP 301
https://vip.disksusiangka.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://vip.zona88.top/kalkulator-invest HTTP 301
https://vip.zona88.top/kalkulator-invest/

Request Chain 133

https://vip.badutprediction.info/jalur-shio HTTP 301
https://vip.badutprediction.info/jalur-shio/

Request Chain 181

https://vip.poltar2d.info/live-china HTTP 301
https://vip.poltar2d.info/live-china/

Request Chain 270

https://vip.badutprediction.info/prediksi-sydney HTTP 301
https://vip.badutprediction.info/prediksi-sydney/

Request Chain 321

https://vip.poltar2d.info/paito-warna-japan HTTP 301
https://vip.poltar2d.info/paito-warna-japan/

Request Chain 381

https://vip.poltar2d.info/paito-warna-taiwan HTTP 301
https://vip.poltar2d.info/paito-warna-taiwan/

Request Chain 398

https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=007f78be-91e5-4d54-8874-1e9e2f52bb83&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c7d98620ff8ab6e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb

Request Chain 401

https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=afb678f1b5285b5b

Request Chain 404

https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=007f78be-91e5-4d54-8874-1e9e2f52bb83&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c7d98620ff8ab6e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb

Request Chain 439

https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=007f78be-91e5-4d54-8874-1e9e2f52bb83&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c7d98620ff8ab6e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb

Request Chain 457

https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=007f78be-91e5-4d54-8874-1e9e2f52bb83&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c7d98620ff8ab6e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb

Request Chain 501

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 502

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 506

https://vip.poltar2d.info/prediksi-sydney HTTP 301
https://vip.poltar2d.info/prediksi-sydney/

Request Chain 573

https://vip.poltar2d.info/prediksi-hongkong HTTP 301
https://vip.poltar2d.info/prediksi-hongkong/

Request Chain 576

https://vip.badutprediction.info/prediksi-taiwan HTTP 301
https://vip.badutprediction.info/prediksi-taiwan/

Request Chain 741

https://vip.poltar2d.info/paito-warna-taiwan HTTP 301
https://vip.poltar2d.info/paito-warna-taiwan/

Request Chain 752

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=37490 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=37490&_li_chk=true&previous_uuid=8500ab3a290f471d86070d21f9154044 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 753

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=14604 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=14604&_li_chk=true&previous_uuid=b676004775a646e096f0029b849c5353 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 811

https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0 HTTP 302
https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0&sm_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=Ujg1QUYvYWhRMmFocEdXdXZTeHRaZz09&sm_p=dc&sm_r=lotame,lotame,bds,rbc,tl,smt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=Ujg1QUYvYWhRMmFocEdXdXZTeHRaZz09&sm_p=dc&sm_r=lotame,lotame,bds,rbc,tl,smt&google_tc= HTTP 302
https://cm.smadex.com/sync?sm_p=dc&sm_r=lotame,lotame,bds,rbc,tl,smt HTTP 302
https://sync.crwdcntrl.net/qmap?c=13745&tp=SMDX&tpid=47ce4017-f6a1-4366-a1a4-65aebd2c6d66&d=https%3A%2F%2Fcm.smadex.com%2Fsync%3Fsm_p%3Dlotame%26sm_r%3Dlotame%2Cbds%2Crbc%2Ctl%2Csmt HTTP 302
https://cm.smadex.com/sync?sm_p=lotame&sm_r=lotame,bds,rbc,tl,smt HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=47ce4017-f6a1-4366-a1a4-65aebd2c6d66&expires=10 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=340&user_id=47ce4017-f6a1-4366-a1a4-65aebd2c6d66&expires=10 HTTP 302
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=efdcc23d-3711-4e7d-9744-d189fecb6de8 HTTP 302
https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=efdcc23d-3711-4e7d-9744-d189fecb6de8

Request Chain 813

https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=5770c95a28a2ab6f3d35c00d854d7c07 HTTP 302
https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=5770c95a28a2ab6f3d35c00d854d7c07&sr

Request Chain 815

https://id5-sync.com/s/19/9.gif?puid=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=007f78be-91e5-4d54-8874-1e9e2f52bb83&ttl=%%TTL%% HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/2/7/3.gif?puid=7381708761601567904&gdpr=0&gdpr_consent= HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-0b08sqPDXOOtubZLtumJnGpO-vpu4_58reO6xuMCEA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F6%2F4.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/6/4.gif?puid=4115501602503884086&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/id5?uid=ID5-0b08sqPDXOOtubZLtumJnGpO-vpu4_58reO6xuMCEA&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F5%2F5%2Fgif%2F0%2F0%2F0%2F0%2F HTTP 302
https://id5-sync.com/a/19/121/5/5/gif/0/0/0/0/ZHGABGXCoOQAAAAILwPMAw== HTTP 302
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F4%2F6.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/19/136/4/6.gif?puid=ZcKg4gAAAeT8dABj&gdpr=0&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=0/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F3%2F7.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=4f114a2e84568555f21444ed0196bb3c&redir=https://id5-sync.com/c/19/321/3/7.gif?puid=$_BK_UUID&gdpr=0&gdpr_consent=&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/19/321/3/7.gif?puid=scXveYpj99e1%2BXJk HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0&gdpr_consent=&id5=ID5-0b08sqPDXOOtubZLtumJnGpO-vpu4_58reO6xuMCEA HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=007f78be-91e5-4d54-8874-1e9e2f52bb83/gdpr=0/gdpr_consent=

Request Chain 816

https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=5770c95a28a2ab6f3d35c00d854d7c07 HTTP 302
https://thrtle.com/insync?gdpr=0&vxii_pdid=5770c95a28a2ab6f3d35c00d854d7c07&vxii_pid=12&vxii_pid1=10014&vxii_rcid=51252ef8-cc2f-4b31-88c5-d44ba1b881b0

Request Chain 817

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=5770c95a28a2ab6f3d35c00d854d7c07 HTTP 303
https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=5770c95a28a2ab6f3d35c00d854d7c07&_li_chk=true&previous_uuid=81a4022d2b4f4aa69cfa7936ff54462c HTTP 303
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=5770c95a28a2ab6f3d35c00d854d7c07

Request Chain 820

https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=ac85a7e1-b596-45ef-a13b-b758abcf1818&gdpr=0

Request Chain 822

https://pool.admedo.com/aa/j9fmpan1dspyp6ogch79 HTTP 302
https://pool.admedo.com/ul_cb/aa/j9fmpan1dspyp6ogch79 HTTP 302
https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=b2bc014c-da63-4f13-b0a8-bfe2963f7de9

Request Chain 827

https://x01.aidata.io/0.gif?pid=LOTAME&id=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0 HTTP 302
https://x01.aidata.io/0.gif?pid=LOTAME&id=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&bounce=1

Request Chain 828

https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=208870804784003980594&gdpr=0&gdpr_consent=

Request Chain 831

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZcKg4gAAAeT8dABj HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZcKg4gAAAeT8dABj/gdpr=0&_test=ZcKg4gAAAeT8dABj

Request Chain 833

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=295070168 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D295070168 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=295070168

Request Chain 885

https://vip.badutprediction.info/jalur-shio HTTP 301
https://vip.badutprediction.info/jalur-shio/

Request Chain 886

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=26260 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=26260&_li_chk=true&previous_uuid=ed96b09d6598408eb0c8a6571e1fd497 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 887

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=58532 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=58532&_li_chk=true&previous_uuid=9023deca3df4464b9063f11cae6b7a38 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 889

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72409&pu= HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72409&pu=&expected_cookie=aa7ae4f4-45d8-4f58-bb5e-cae2f7f207be

Request Chain 890

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72972&pu=https://vip.disksusiangka.info/ HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72972&pu=https%3A%2F%2Fvip.disksusiangka.info%2F&expected_cookie=2d6a6042-b127-4b9b-9adc-acbb2bee529e

Request Chain 910

https://vip.poltar2d.info/buku-mimpi-4d HTTP 301
https://vip.poltar2d.info/buku-mimpi-4d/

Request Chain 945

https://vip.poltar2d.info/buku-mimpi-4d HTTP 301
https://vip.poltar2d.info/buku-mimpi-4d/

Request Chain 946

https://um.simpli.fi/lj_match?r=58935 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 947

https://um.simpli.fi/lj_match?r=12313 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=3D87D4FF2F1440DCAEE1368598DDAEC6

Request Chain 1057

https://um.simpli.fi/lj_match?r=7246 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1058

https://um.simpli.fi/lj_match?r=67226 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1063

https://vip.poltar2d.info/generator-angka HTTP 301
https://vip.poltar2d.info/generator-angka/

Request Chain 1070

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=38925 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 1072

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=40823 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 1162

https://x.bidswitch.net/syncd?gdpr=0&dsp_id=459&user_group=1&expires=30&user_id=${COOKIE}&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16722%26tp%3DMDAG%26tpid%3D%24%7BBSW_UID%7D%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=efdcc23d-3711-4e7d-9744-d189fecb6de8&gdpr=0

Request Chain 1163

https://tag.crsspxl.com/c.gif?t=57603&gdpr=0 HTTP 302
https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0

Request Chain 1165

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5979%26tp%3DADWZ%26tpid%3D%24%7BUID%7D%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=5a40d8be277ca7fc5b77d99c5bcddb95&gdpr=0

Request Chain 1166

https://match.prod.bidr.io/cookie-sync/lotame?gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/lotame?gdpr=0&_bee_ppp=1 HTTP 303
https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AACl-E7LhUIAABPXK-wwqQ&gdpr=0

Request Chain 1167

https://map.cookieless-data.com/MAP.d?mn=lotame&pa=22621&mv=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&gdpr_consent= HTTP 307
https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&gdpr_consent= HTTP 307
https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&gdpr_consent=&bounce=1

Request Chain 1168

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=683838214 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=683838214

Request Chain 1169

https://dmp.adform.net/dmp/profile/?pid=10131&sg=97485 HTTP 302
https://dmp.adform.net/dmp/profile/?CC=1&pid=10131&sg=97485

Request Chain 1170

https://dmp.adform.net/dmp/profile/?pid=10131&sg=37987 HTTP 302
https://dmp.adform.net/dmp/profile/?CC=1&pid=10131&sg=37987

Request Chain 1177

https://vip.poltar2d.info/paito-warna-japan HTTP 301
https://vip.poltar2d.info/paito-warna-japan/

Request Chain 1225

https://vip.badutprediction.info/live-sydney HTTP 301
https://vip.badutprediction.info/live-sydney/

Request Chain 1294

https://vip.poltar2d.info/paito-warna-taiwan HTTP 301
https://vip.poltar2d.info/paito-warna-taiwan/

Request Chain 1318

https://vip.poltar2d.info/pola-dasar HTTP 301
https://vip.poltar2d.info/pola-dasar/

Request Chain 1340

https://um.simpli.fi/lj_match?r=3568 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1440

https://vip.poltar2d.info/paito-warna-cambodia HTTP 301
https://vip.poltar2d.info/paito-warna-cambodia/

Request Chain 1454

https://um.simpli.fi/lj_match?r=13087 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1536

https://um.simpli.fi/lj_match?r=98171 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1537

https://um.simpli.fi/lj_match?r=24028 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1543

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=IHkZASZHA2sVaM4OTSeOEoCk/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=5770c95a28a2ab6f3d35c00d854d7c07

Request Chain 1557

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=928038587 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=928038587

Request Chain 1611

https://vip.badutprediction.info/rekap-angka-ct HTTP 301
https://vip.badutprediction.info/rekap-angka-ct/

Request Chain 1613

https://um.simpli.fi/lj_match?r=47975 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1672

https://vip.poltar2d.info/prediksi-china HTTP 301
https://vip.poltar2d.info/prediksi-china/

Request Chain 1677

https://um.simpli.fi/lj_match?r=24617 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1679

https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0 HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0

Request Chain 1773

https://vip.poltar2d.info/rekap-angka-3d HTTP 301
https://vip.poltar2d.info/rekap-angka-3d/

Request Chain 1779

https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js HTTP 302
https://cdn.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js

Request Chain 1785

https://um.simpli.fi/lj_match?r=93377 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1792

https://vip.poltar2d.info/live-china HTTP 301
https://vip.poltar2d.info/live-china/

Request Chain 1860

https://um.simpli.fi/lj_match?r=111 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1898

https://um.simpli.fi/lj_match?r=87864 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1935

https://um.simpli.fi/lj_match?r=34553 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 1943

https://vip.poltar2d.info/generator-line-angka HTTP 301
https://vip.poltar2d.info/generator-line-angka/

Request Chain 1949

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mi10OVRDeVRWM2ZuR3JRcmxxSUdFUVV0TEZqZTNpNlZOMlZob1pwb2FjMGM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEArJvjzU9htlupBp03jnPS8&google_cver=1

Request Chain 1950

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=007f78be-91e5-4d54-8874-1e9e2f52bb83&bid=1e2n4ou

Request Chain 1951

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=ZcKg4gAAAeT8dABj&bid=0rijhbu&referrer_pid=51md42u

Request Chain 1952

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Ki2E6tZE2pWtIIp1Kon_iZsmMaOvKlLgi0Q-~A

Request Chain 1953

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=7381708761601567904&bid=2cr76e1&referrer_pid=51md42u

Request Chain 1956

https://vip.poltar2d.info/prediksi-sydney HTTP 301
https://vip.poltar2d.info/prediksi-sydney/

Request Chain 2041

https://um.simpli.fi/lj_match?r=27636 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2043

https://um.simpli.fi/lj_match?r=39350 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2062

https://um.simpli.fi/lj_match?r=28602 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2063

https://um.simpli.fi/lj_match?r=13365 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2107

https://um.simpli.fi/lj_match?r=68684 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2110

https://um.simpli.fi/lj_match?r=71264 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2127

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=654111251 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=654111251

Request Chain 2129

https://vip.poltar2d.info/pola-dasar HTTP 301
https://vip.poltar2d.info/pola-dasar/

Request Chain 2308

https://vip.poltar2d.info/pola-dasar HTTP 301
https://vip.poltar2d.info/pola-dasar/

Request Chain 2375

https://um.simpli.fi/lj_match?r=57807 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2379

https://vip.poltar2d.info/generator-angka HTTP 301
https://vip.poltar2d.info/generator-angka/

Request Chain 2382

https://um.simpli.fi/lj_match?r=62247 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2383

https://um.simpli.fi/lj_match?r=39819 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2401

https://vip.poltar2d.info/pola-dasar HTTP 301
https://vip.poltar2d.info/pola-dasar/

Request Chain 2481

https://vip.poltar2d.info/prediksi-sydney HTTP 301
https://vip.poltar2d.info/prediksi-sydney/

Request Chain 2542

https://um.simpli.fi/lj_match?r=73355 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2543

https://um.simpli.fi/lj_match?r=80678 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2553

https://vip.poltar2d.info/generate-bbfs HTTP 301
https://vip.poltar2d.info/generate-bbfs/

Request Chain 2554

https://um.simpli.fi/lj_match?r=60442 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2681

https://vip.badutprediction.info/prediksi-china HTTP 301
https://vip.badutprediction.info/prediksi-china/

Request Chain 2734

https://vip.poltar2d.info/rekap-on-of HTTP 301
https://vip.poltar2d.info/rekap-on-of/

Request Chain 2762

https://um.simpli.fi/lj_match?r=47675 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2763

https://um.simpli.fi/lj_match?r=75359 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2833

https://um.simpli.fi/lj_match?r=2616 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2834

https://um.simpli.fi/lj_match?r=84678 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2864

https://vip.poltar2d.info/rekap-angka-3d HTTP 301
https://vip.poltar2d.info/rekap-angka-3d/

Request Chain 2885

https://vip.poltar2d.info/paito-warna-china HTTP 301
https://vip.poltar2d.info/paito-warna-china/

Request Chain 2893

https://vip.poltar2d.info/paito-warna-sydney HTTP 301
https://vip.poltar2d.info/paito-warna-sydney/

Request Chain 2897

https://um.simpli.fi/lj_match?r=82909 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2898

https://um.simpli.fi/lj_match?r=80809 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

Request Chain 2903

https://um.simpli.fi/lj_match?r=84820 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

2935 HTTP transactions
65 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vip.disksusiangka.info/
Redirect Chain

http://vip.disksusiangka.info/
https://vip.disksusiangka.info/

111 KB
25 KB

254ms
245ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d60841f72fb04af252ea45d2d13bd4e551126633709556c16492624bc1454eb4

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:58 GMT
link: <https://vip.disksusiangka.info/wp-json/>; rel="https://api.w.org/" <https://vip.disksusiangka.info/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.disksusiangka.info/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-encoding: gzip
content-length: 23
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:58 GMT
location: https://vip.disksusiangka.info/
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 style.min.css
vip.disksusiangka.info/wp-includes/css/dist/block-library/ 108 KB
13 KB 7ms
5ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
last-modified: Tue, 30 Jan 2024 23:13:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
BLOB 200
OK 52e746cf-909d-499e-8cd0-8e625149295b
https://vip.disksusiangka.info/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.disksusiangka.info/52e746cf-909d-499e-8cd0-8e625149295b
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 cwp.css
vip.disksusiangka.info/wp-content/plugins/comments-widget-plus/assets/css/ 227 B
495 B 9ms
5ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 227
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 sidebar-login.css
vip.disksusiangka.info/wp-content/plugins/sidebar-login/build/ 2 KB
374 B 17ms
10ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 style.css
vip.disksusiangka.info/wp-content/themes/asteroid/ 28 KB
8 KB 18ms
12ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 jquery.min.js Show response
vip.disksusiangka.info/wp-includes/js/jquery/ 86 KB
29 KB 13ms
7ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.disksusiangka.info/wp-includes/js/jquery/ 13 KB
5 KB 16ms
10ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
26 KB 30ms
5ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.disksusiangka.info/
Origin: https://vip.disksusiangka.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567690
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1269-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 34ms
10ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 5434837
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851664f61a865ce5-SIN
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 26ms
3ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.disksusiangka.info/
Origin: https://vip.disksusiangka.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084184
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1269-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 62 KB
16 KB 30ms
8ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.disksusiangka.info/
Origin: https://vip.disksusiangka.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368794
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1269-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... 258 KB
258 KB 2280ms
2258ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H2 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... 4 MB
4 MB 307ms
286ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... 53 KB
53 KB 457ms
446ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... 652 KB
653 KB 465ms
455ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... 397 KB
397 KB 1140ms
1130ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H2 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... 443 KB
443 KB 436ms
427ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... 829 KB
830 KB 526ms
517ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... 736 KB
737 KB 385ms
377ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... 1 MB
1 MB 482ms
474ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... 2 MB
2 MB 473ms
465ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... 2 MB
2 MB 439ms
432ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... 733 KB
733 KB 415ms
408ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... 2 MB
2 MB 444ms
438ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... 812 KB
812 KB 531ms
525ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... 659 KB
659 KB 426ms
421ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... 1 MB
1 MB 545ms
540ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... 718 KB
719 KB 386ms
382ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... 309 KB
309 KB 419ms
415ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... 1 MB
1 MB 390ms
387ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
H2 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... 173 KB
173 KB 398ms
395ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:58 GMT

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 31ms
11ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.disksusiangka.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 43658
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: eaf82305656a81c1cc17d0bea1926911
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851664f6aab140eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 32ms
15ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78799
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664f6c8a240e8-SIN
content-length: 4547

GET
H/1.1 200
OK 4710812&101.gif
s4is.histats.com/stats/i/ 1 KB
1 KB 762ms
256ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4710812&101.gif?4710812&101
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 3486af1efae5988985567501879201075febf077d1f394ce83eab3319fb210ab

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:12:59 GMT
Connection: close
ETag: -1340887168
Content-Length: 1145
Content-Type: image/png

GET
H2 200 4fd4cf70c8bd2b0429b5e73d86cdd397
secure.gravatar.com/avatar/ 1 KB
2 KB 25ms
4ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/4fd4cf70c8bd2b0429b5e73d86cdd397?s=35&d=mm&r=g
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5800f2ab7d41d8c2917b85c61a643febbb863f672d077201d23d88d6c0874856

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:12:58 GMT
last-modified: Mon, 24 Oct 2022 20:51:59 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="4fd4cf70c8bd2b0429b5e73d86cdd397.jpeg"
accept-ranges: bytes
link: <https://gravatar.com/avatar/4fd4cf70c8bd2b0429b5e73d86cdd397?s=35&d=mm&r=g>; rel="canonical"
content-length: 1259
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:17:58 GMT

GET
H2 200 6252e39839e6ccd08a0e6cc300ddbe37
secure.gravatar.com/avatar/ 3 KB
3 KB 24ms
3ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/6252e39839e6ccd08a0e6cc300ddbe37?s=35&d=mm&r=g
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 11185f2195e02415011e74251233e377b156e28dadfd626be19c50016561d7ad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:12:58 GMT
last-modified: Wed, 10 May 2023 05:31:27 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="6252e39839e6ccd08a0e6cc300ddbe37.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/6252e39839e6ccd08a0e6cc300ddbe37?s=35&d=mm&r=g>; rel="canonical"
content-length: 3132
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:17:58 GMT

GET
H2 200 81f019efc01a267e92ba94ecc6392d26
secure.gravatar.com/avatar/ 3 KB
4 KB 23ms
2ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/81f019efc01a267e92ba94ecc6392d26?s=35&d=mm&r=g
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e960c32bd5c77e745800b354a8f6a3e129b45ef5285f2efa481ddbe62e67b27

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:12:58 GMT
last-modified: Thu, 07 Sep 2023 03:56:58 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="81f019efc01a267e92ba94ecc6392d26.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/81f019efc01a267e92ba94ecc6392d26?s=35&d=mm&r=g>; rel="canonical"
content-length: 3412
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:17:58 GMT

GET
H2 200 poltar.php Show response
vip.pangkalanhdgroup.com/ Frame 63A1 11 KB
3 KB 40ms
6ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.pangkalanhdgroup.com/poltar.php

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

a29edc6ce037f547367624f31d091bad2479e96cc965ee2cf6e480069c5d66b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 / Show response
vip.badutprediction.info/ Frame 43CC 114 KB
22 KB 367ms
343ms Document
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d9f8d555b90fe329613de68e047d5a8fb0db0e955f41aa064dd15ceb812c4ca9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:59 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.disksusiangka.info/wp-includes/js/dist/vendor/ 8 KB
2 KB 12ms
10ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.disksusiangka.info/wp-includes/js/dist/vendor/ 6 KB
2 KB 11ms
9ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.disksusiangka.info/wp-includes/js/dist/vendor/ 112 KB
34 KB 15ms
14ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 frontend.js Show response
vip.disksusiangka.info/wp-content/plugins/sidebar-login/build/ 4 KB
2 KB 12ms
11ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H2

200

/ Show response
vip.zona88.top/kalkulator-invest/ Frame DD1E
Redirect Chain

https://vip.zona88.top/kalkulator-invest
https://vip.zona88.top/kalkulator-invest/

100 KB
23 KB

66ms
64ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/kalkulator-invest/

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

7a74debf44986df11f9aa76658fba794335514266550e691c312d9ce6e7fdb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:58 GMT
link: <https://vip.zona88.top/wp-json/>; rel="https://api.w.org/" <https://vip.zona88.top/wp-json/wp/v2/posts/287>; rel="alternate"; type="application/json" <https://vip.zona88.top/?p=287>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.zona88.top/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:58 GMT
location: https://vip.zona88.top/kalkulator-invest/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.zona88.top/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 4710812.php Show response
s4.histats.com/stats/ 437 B
572 B 772ms
267ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4710812.php?4710812&@f16&@g1&@h1&@i1&@j1707253978726&@k0&@l1&@mDISKUSI%20ANGKA%20TOP%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@o1000&@q0&@r0&@s3023&@ten-US&@u1600&@b1:172211814&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.disksusiangka.info%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e6ca8b2824b23a600f1c53ee766abbb95a0e9dd0b1275068034aaa03a4903daa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:12:59 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 bbjs.js Show response
bungaprediction.top/ Frame 63A1 15 KB
4 KB 14ms
3ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3247
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.disksusiangka.info/wp-includes/js/ 18 KB
5 KB 6ms
5ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 63A1 11 KB
4 KB 13ms
12ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78799
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664f7896640e8-SIN
content-length: 4547

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 63A1 435 B
570 B 762ms
264ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:34855065&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 0a7a6aef2b676b67676d0304572b5e330480a906c455a8157ffd3f95a082c946

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:12:59 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 63A1 435 B
570 B 772ms
267ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-3716301&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 0a7a6aef2b676b67676d0304572b5e330480a906c455a8157ffd3f95a082c946

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:12:59 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 63A1 435 B
570 B 777ms
267ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-129044399&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 0a7a6aef2b676b67676d0304572b5e330480a906c455a8157ffd3f95a082c946

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:12:59 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 63A1 435 B
570 B 783ms
268ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:123576014&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 0a7a6aef2b676b67676d0304572b5e330480a906c455a8157ffd3f95a082c946

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:12:59 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
vip.zona88.top/wp-includes/css/dist/block-library/ Frame DD1E 108 KB
14 KB 10ms
9ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:09 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13600
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
BLOB 200
OK 28d4a323-2bf5-4dce-81b5-1cbcd61d4e15
https://vip.zona88.top/ Frame DD1E 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.zona88.top/28d4a323-2bf5-4dce-81b5-1cbcd61d4e15
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 cwp.css
vip.zona88.top/wp-content/plugins/comments-widget-plus/assets/css/ Frame DD1E 227 B
284 B 20ms
14ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 sidebar-login.css
vip.zona88.top/wp-content/plugins/sidebar-login/build/ Frame DD1E 2 KB
376 B 20ms
15ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 style.css
vip.zona88.top/wp-content/themes/asteroid/ Frame DD1E 28 KB
8 KB 22ms
16ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 jquery.min.js Show response
vip.zona88.top/wp-includes/js/jquery/ Frame DD1E 86 KB
29 KB 24ms
19ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zona88.top/wp-includes/js/jquery/ Frame DD1E 13 KB
5 KB 23ms
17ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame DD1E 157 KB
26 KB 25ms
19ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zona88.top/
Origin: https://vip.zona88.top
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567690
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1269-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame DD1E 30 KB
7 KB 37ms
31ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 5434837
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851664f81b5b5ce5-SIN
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame DD1E 21 KB
8 KB 26ms
22ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zona88.top/
Origin: https://vip.zona88.top
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084184
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1269-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame DD1E 62 KB
16 KB 27ms
23ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zona88.top/
Origin: https://vip.zona88.top
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368794
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1269-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame DD1E 258 KB
258 KB 2230ms
2229ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:00 GMT

GET
H2 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame DD1E 4 MB
4 MB 2482ms
2481ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame DD1E 53 KB
53 KB 293ms
284ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame DD1E 652 KB
652 KB 281ms
272ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame DD1E 397 KB
397 KB 302ms
294ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame DD1E 443 KB
443 KB 859ms
851ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame DD1E 829 KB
829 KB 274ms
267ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame DD1E 736 KB
736 KB 7788ms
7779ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame DD1E 1 MB
1 MB 7786ms
7777ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame DD1E 1 MB
0 7803ms
7795ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame DD1E 1 MB
0 7800ms
7792ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame DD1E 733 KB
733 KB 7791ms
7783ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame DD1E 1 MB
0 7797ms
7789ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame DD1E 812 KB
812 KB 884ms
877ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame DD1E 659 KB
659 KB 7804ms
7797ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame DD1E 1 MB
1 MB 874ms
868ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame DD1E 718 KB
718 KB 7792ms
7785ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame DD1E 309 KB
309 KB 7793ms
7787ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame DD1E 1 MB
1 MB 7786ms
7780ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame DD1E 173 KB
173 KB 844ms
838ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H/1.1 200
OK 4772420.gif
s4is.histats.com/stats/i/ Frame DD1E 43 B
182 B 750ms
276ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4772420.gif?4772420&103
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:12:59 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.zona88.top/wp-includes/js/ Frame DD1E 3 KB
1 KB 19ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zona88.top/wp-includes/js/dist/vendor/ Frame DD1E 8 KB
2 KB 20ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zona88.top/wp-includes/js/dist/vendor/ Frame DD1E 6 KB
2 KB 25ms
16ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zona88.top/wp-includes/js/dist/vendor/ Frame DD1E 112 KB
34 KB 20ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H3 200 frontend.js Show response
vip.zona88.top/wp-content/plugins/sidebar-login/build/ Frame DD1E 4 KB
2 KB 25ms
17ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:12:58 GMT

GET
H2 200 hitam.webp
zona-bermain.com/wp-content/uploads/2023/11/ Frame DD1E 77 KB
78 KB 95ms
38ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2023/11/hitam.webp
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: fd3c5e931997685edd6b40a5aaee81c19cdcbeba459fa44aa09137d75b2bcf63

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
last-modified: Wed, 08 Nov 2023 01:12:41 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 79266
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 hitung.php Show response
bungaprediction.top/ Frame CEBC 49 KB
8 KB 28ms
18ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/hitung.php

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

5b812c2c30ed148a44c8cff95541183e3e9f97c38f0e6d87076eec9ee7f57e72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.zona88.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame DD1E 11 KB
4 KB 32ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78799
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664f89a4840e8-SIN
content-length: 4547

GET
H2 200 poltar.php Show response
vip.pangkalanhdgroup.com/ Frame 5188 11 KB
2 KB 23ms
16ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.pangkalanhdgroup.com/poltar.php

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

a29edc6ce037f547367624f31d091bad2479e96cc965ee2cf6e480069c5d66b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zona88.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ Frame DD1E 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame DD1E 75 KB
76 KB 22ms
22ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zona88.top
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 158752
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 730881de533c3ee19ed21860d748b868
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851664f8abc640eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 5188 15 KB
4 KB 16ms
16ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3247
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 style.css
bungaprediction.top/wp-content/themes/frontier/ Frame CEBC 26 KB
6 KB 22ms
21ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/wp-content/themes/frontier/style.css

Requested by

Host: bungaprediction.top
URL: https://bungaprediction.top/hitung.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e4f6c6576d71bd557785071ed53634304d9d61580ab81bf6b21c0d5e910b71ca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/hitung.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:45:39 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 6058
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame 43CC 108 KB
13 KB 31ms
24ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 43CC 227 B
282 B 46ms
40ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 43CC 2 KB
437 B 29ms
23ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame 43CC 28 KB
8 KB 46ms
40ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 43CC 86 KB
29 KB 43ms
37ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 43CC 13 KB
5 KB 47ms
42ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 43CC 157 KB
26 KB 19ms
16ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567691
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 43CC 30 KB
7 KB 32ms
29ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048124
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851664f9882589a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 43CC 21 KB
8 KB 21ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084184
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 43CC 62 KB
16 KB 23ms
20ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368794
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame CEBC 11 KB
5 KB 32ms
32ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: bungaprediction.top
URL: https://bungaprediction.top/hitung.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78800
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664f99a9b40e8-SIN
content-length: 4547

GET
H/1.1 200
OK 4772420.php Show response
s4.histats.com/stats/ Frame DD1E 435 B
570 B 2108ms
1590ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4772420.php?4772420&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mKALKULATOR%20INVES%20%E2%80%93%20ZONA%2088&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-136672427&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zona88.top%2Fkalkulator-invest%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: fa6eb626ec49433f004b579ce94c3b4fe0dda0bafff918fe244f8c2d4413c2a6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:12:59 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js Show response
vip.zona88.top/wp-includes/js/ Frame DD1E 18 KB
5 KB 15ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/kalkulator-invest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5188 11 KB
4 KB 22ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78800
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664f9daca40e8-SIN
content-length: 4547

GET
BLOB 200
OK 29e47eea-c4f1-4322-befd-0258fea83458
https://vip.badutprediction.info/ Frame 43CC 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.badutprediction.info/29e47eea-c4f1-4322-befd-0258fea83458
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK 4402211.php Show response
s4.histats.com/stats/ Frame CEBC 433 B
568 B 1122ms
262ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4402211.php?4402211&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mAplikasi%20Kalkulator%20Togel%20%7C%20koperangka.com&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s433&@ten-US&@u1600&@b1:15080829&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fbungaprediction.top%2Fhitung.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: a2b9d983b8b1617a3f1db85849d047987875774dac56864c28b4b687a1c53ba6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:00 GMT
Connection: close
Content-Length: 433
Content-Type: text/html;charset=UTF-8

GET
H2 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame DD1E 230 B
540 B 80ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame DD1E 231 B
542 B 79ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame 43CC 135 KB
135 KB 21ms
20ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 137792
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame 43CC 3 MB
3 MB 26ms
23ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame 43CC 311 B
338 B 10513ms
10512ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_DhvDCpkIgEeBZME6OIEURdUUtmEF9sTWy-3zmRDrV-mQos/s25/on-1.gif

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 5188 435 B
570 B 1106ms
257ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-35042843&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 0a7a6aef2b676b67676d0304572b5e330480a906c455a8157ffd3f95a082c946

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:00 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 5188 435 B
570 B 1126ms
269ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:184406456&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 0a7a6aef2b676b67676d0304572b5e330480a906c455a8157ffd3f95a082c946

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:00 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 5188 435 B
570 B 1138ms
260ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:183343977&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 0a7a6aef2b676b67676d0304572b5e330480a906c455a8157ffd3f95a082c946

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:00 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 5188 435 B
570 B 1145ms
257ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-108958152&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 0a7a6aef2b676b67676d0304572b5e330480a906c455a8157ffd3f95a082c946

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:00 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 43CC 11 KB
4 KB 38ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78800
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664fa7b7b40e8-SIN
content-length: 4547

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame 43CC 43 B
182 B 476ms
274ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:12:59 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 43CC 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 43CC 75 KB
76 KB 45ms
44ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 135595
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3843e539a6332b1a9fbe89234f98b8d4
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851664fa9d1540eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 poltar.php Show response
vip.roomangkasa.top/ Frame 6B81 10 KB
3 KB 556ms
34ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:59 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 / Show response
vip.zonaprediction.com/ Frame B318 112 KB
25 KB 137ms
74ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

b7c1b2cc0ac5176af535ffff39f253da6757b27d98ca1a6360576781acb21d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:59 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 43CC 8 KB
2 KB 29ms
28ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 43CC 6 KB
2 KB 84ms
83ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 43CC 112 KB
34 KB 27ms
26ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 43CC 4 KB
2 KB 83ms
82ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3

200

/ Show response
vip.badutprediction.info/jalur-shio/ Frame D3E5
Redirect Chain

https://vip.badutprediction.info/jalur-shio
https://vip.badutprediction.info/jalur-shio/

107 KB
21 KB

252ms
252ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/jalur-shio/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

9ab92359d24e94117f50fd55858832e8adc3905bea4b4e23cb43d239438a9d3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:59 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/293>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=293>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:59 GMT
location: https://vip.badutprediction.info/jalur-shio/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame 43CC 435 B
570 B 1695ms
256ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBADUT%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-137155803&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 75c9c37afd683ccdc44fe196f9453bb2e9d54eaeef1db248eed961b91920ed5f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:00 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame B318 108 KB
13 KB 36ms
34ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame 43CC 18 KB
5 KB 22ms
22ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
BLOB 200
OK 86bd92b0-47cc-4312-bc9c-00dcccbdfea1
https://vip.zonaprediction.com/ Frame B318 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.zonaprediction.com/86bd92b0-47cc-4312-bc9c-00dcccbdfea1
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame B318 227 B
294 B 35ms
19ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame B318 2 KB
387 B 36ms
20ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame B318 28 KB
8 KB 46ms
30ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame B318 86 KB
29 KB 49ms
34ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame B318 13 KB
5 KB 40ms
31ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4678
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame B318 157 KB
26 KB 34ms
26ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567691
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame B318 30 KB
7 KB 50ms
42ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048124
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851664fc099589a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame B318 21 KB
8 KB 35ms
27ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084185
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame B318 62 KB
16 KB 36ms
29ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368794
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame B318 258 KB
258 KB 1273ms
1268ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:00 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame B318 4 MB
4 MB 334ms
329ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame B318 53 KB
53 KB 676ms
674ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:00 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame B318 652 KB
652 KB 376ms
371ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame B318 397 KB
397 KB 355ms
350ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:12:59 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame B318 443 KB
443 KB 10149ms
10144ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame B318 829 KB
829 KB 10164ms
10159ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame B318 736 KB
736 KB 10167ms
10163ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame B318 1 MB
1 MB 10159ms
10155ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame B318 1 MB
0 10151ms
10147ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame B318 1 MB
0 10137ms
10133ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame B318 733 KB
733 KB 10155ms
10152ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame B318 1 MB
0 10131ms
10127ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame B318 812 KB
812 KB 10153ms
10150ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame B318 659 KB
659 KB 10218ms
10215ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame B318 1 MB
1 MB 10141ms
10138ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame B318 718 KB
718 KB 10124ms
10121ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame B318 309 KB
309 KB 10158ms
10156ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame B318 1 MB
0 10162ms
10160ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame B318 173 KB
173 KB 10141ms
10139ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H2 200 cc_3023.js Show response
s10.histats.com/counters/ 18 KB
7 KB 42ms
40ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3023.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc38d83d1b3a0c1618808c64468640a3ea2cc5598ae22b38a81cb3857603b79

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 67044
etag: "73940338"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664fc6c8c40e8-SIN
content-length: 7567

GET
H2 200 / Show response
e.dtscout.com/e/ 7 KB
4 KB 458ms
382ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4710812.php?4710812&@f16&@g1&@h1&@i1&@j1707253978726&@k0&@l1&@mDISKUSI%20ANGKA%20TOP%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@o1000&@q0&@r0&@s3023&@ten-US&@u1600&@b1:172211814&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.disksusiangka.info%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6f19cbf83bc8d56af5e96a2abc1d37254aa64e1f3cb419f6a4a0526aa3de15

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-t: 0.272
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AzNt0hvvRx%2BTgU3nT9eZw9WlFW5OuNCd4RBE9FvoSFrLzzHM%2Fw8t35yJ1ARjRNRULVHsfey4wS9Wj0b8AyYVAtZWgTEQhY82BoQY5H45iQUiLK43c1BiRjmaERMwnZj6H%2Fj4n8h3Gvhu6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851664fcec015f5e-SIN
expires: Tue, 06 Feb 2024 21:12:58 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame B318 11 KB
4 KB 36ms
36ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78800
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664fcccca40e8-SIN
content-length: 4547

GET
H2 200 poltar.php Show response
vip.zonafantasi.info/ Frame E344 12 KB
3 KB 154ms
36ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:59 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame B318 1 KB
1 KB 449ms
272ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 4a36cde30fc9ed0494a18b7c62f36e9aa38a1fcbe0b05eea48b4858ee04a42b2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:12:59 GMT
Connection: close
ETag: -1283929906
Content-Length: 1093
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame B318 65 KB
65 KB 10266ms
10264ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame B318 8 KB
2 KB 31ms
28ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame B318 6 KB
2 KB 103ms
101ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame B318 112 KB
34 KB 41ms
39ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame B318 4 KB
2 KB 39ms
38ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
DATA 200
OK truncated
/ Frame B318 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame B318 75 KB
76 KB 42ms
41ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 465118
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0c4f1d4ee3f7913748b6627f04107416
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851664fcefa140eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 63A1 13 KB
4 KB 50ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 69687
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664fd1cec40e8-SIN
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 63A1 7 KB
3 KB 361ms
360ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:34855065&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4ddacc726bbd0260a6610faa5eee60918e30e5038fa44a1a699988d0e62663

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-t: 0.273
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KR%2BsT5jQHejAfpSTOj3V6gbc6vDvQW3zBBEKbFNVBP6MDun%2Bu8QYeUdAiiWU13ype1t%2FO7pLgs9%2BgsSeCFwt65w0kcoLiL9BgEyJnJY9nKmfmwFst4gMhjpHaeOtAtkNA6f%2FtOoBjqKupGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851664fd1c1c5f5e-SIN
expires: Tue, 06 Feb 2024 21:12:58 GMT

GET
H2

200

/ Show response
vip.poltar2d.info/live-china/ Frame AB2A
Redirect Chain

https://vip.poltar2d.info/live-china
https://vip.poltar2d.info/live-china/

100 KB
24 KB

62ms
61ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/live-china/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

09979e17fedcc151a6bfd3d1257030d6008b4e3329b022b618480008aa53d36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/274>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=274>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:12:59 GMT
location: https://vip.poltar2d.info/live-china/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame B318 436 B
571 B 1409ms
250ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-148366652&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 2355c0718f4855e3d2c2488eb10acad260e2911bf7b87a7219d706fc431014d3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:00 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c31802f0c5aba412bd6630e9b1614cfdc2d8be2ea31960c43cc417d3a80196

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame E344 15 KB
3 KB 31ms
30ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame B318 18 KB
5 KB 17ms
17ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 6B81 15 KB
3 KB 99ms
98ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame E344 11 KB
4 KB 30ms
29ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78800
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664fe9db540e8-SIN
content-length: 4547

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame D3E5 108 KB
13 KB 17ms
15ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame D3E5 227 B
271 B 23ms
18ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame D3E5 2 KB
374 B 22ms
18ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame D3E5 28 KB
8 KB 22ms
19ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame D3E5 86 KB
29 KB 23ms
20ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame D3E5 13 KB
5 KB 36ms
33ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame D3E5 157 KB
26 KB 53ms
51ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567692
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame D3E5 30 KB
7 KB 42ms
40ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048124
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851664fedb2a89a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame D3E5 21 KB
8 KB 54ms
52ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084185
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame D3E5 62 KB
16 KB 29ms
28ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:12:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368795
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame D3E5 3 MB
3 MB 34ms
33ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:12:59 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3233741
expires: Tue, 13 Feb 2024 21:12:59 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame D3E5 311 B
338 B 2993ms
2992ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:02 GMT

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 1080ms
243ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-160540882&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:01 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 2496ms
1622ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:21129444&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:01 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 1898ms
1024ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:146722378&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:01 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 1793ms
252ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:1063767&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:01 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 1821ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:40650594&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:01 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 1822ms
251ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-43968771&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:01 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 2229ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:132846935&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:03 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 2289ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-169175642&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 2279ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:62602688&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 2344ms
248ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:84259954&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 2315ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-126339522&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 2305ms
250ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:43834258&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 1646ms
241ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-139522025&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 2179ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:140998283&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:06 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 2192ms
239ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-187477067&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:06 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E344 439 B
574 B 2158ms
253ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:3091017&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:06 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame AB2A 108 KB
14 KB 27ms
26ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame AB2A 227 B
273 B 31ms
26ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame AB2A 2 KB
376 B 32ms
27ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame AB2A 28 KB
8 KB 32ms
28ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame AB2A 86 KB
29 KB 33ms
29ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame AB2A 13 KB
5 KB 62ms
59ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame AB2A 157 KB
26 KB 34ms
30ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567692
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame AB2A 30 KB
7 KB 68ms
64ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048125
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851664ffdb8889a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame AB2A 21 KB
8 KB 38ms
35ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084185
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame AB2A 62 KB
16 KB 37ms
34ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368795
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame AB2A 258 KB
258 KB 1083ms
1079ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame AB2A 4 MB
4 MB 431ms
428ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:00 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame AB2A 53 KB
53 KB 798ms
788ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:00 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame AB2A 652 KB
652 KB 402ms
391ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:00 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame AB2A 397 KB
397 KB 410ms
399ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:00 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame AB2A 443 KB
443 KB 9534ms
9524ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame AB2A 829 KB
829 KB 9459ms
9449ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame AB2A 736 KB
736 KB 9516ms
9506ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame AB2A 1 MB
1 MB 9535ms
9525ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame AB2A 1 MB
0 9483ms
9473ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame AB2A 1 MB
0 9496ms
9486ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame AB2A 733 KB
733 KB 9498ms
9488ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame AB2A 1 MB
0 9508ms
9499ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame AB2A 812 KB
812 KB 9510ms
9501ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame AB2A 659 KB
659 KB 9518ms
9509ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame AB2A 1 MB
1 MB 9492ms
9484ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame AB2A 718 KB
718 KB 9477ms
9468ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame AB2A 309 KB
309 KB 9523ms
9515ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame AB2A 1 MB
0 9540ms
9532ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame AB2A 173 KB
173 KB 9459ms
9451ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6B81 11 KB
5 KB 47ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78801
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851664ffbe3a40e8-SIN
content-length: 4547

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame D3E5 135 KB
135 KB 143ms
142ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame D3E5 11 KB
4 KB 37ms
31ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78801
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665001ed540e8-SIN
content-length: 4547

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame D3E5 43 B
182 B 283ms
264ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:00 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H2 200 poltar.php Show response
vip.roomangkasa.top/ Frame C463 10 KB
2 KB 35ms
28ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame 86D0 112 KB
25 KB 75ms
71ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

c410c9c41c55903e0c2f21b699e8485848c9b3587acc3af141a2077dba012b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame D3E5 3 KB
1 KB 407ms
404ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame D3E5 8 KB
2 KB 407ms
403ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame D3E5 6 KB
2 KB 410ms
406ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame D3E5 112 KB
34 KB 424ms
418ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame D3E5 4 KB
2 KB 438ms
432ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 3DB8 1 KB
788 B 394ms
391ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01707253979FD08C0654459DC447A
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6078aa8276c25b85bde49466cd4a096d190b87fd1c74612922d9d4ed3175e8d6

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 851665004f5a5f5e-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
expires: Tue, 06 Feb 2024 21:12:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9Zs326%2B1TmH4eDNgMa6JLLcPrBvTVYR9XdUJu6BDpy%2F8aWkQ9q1MspGt9vjp%2B39zALFCjKtNmAbz%2BOZv0uOsQHcKPQ2158P8Y%2BaTDw0JLMNPAxDpNBz0Bzt%2Bq%2FhooEdEX9f1e1xqwQ%2FxVs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 199ms
129ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1596
x-amz-cf-id: l9eTrt71fE5eaPuG3cTP2uY94RHutovL-uKUVQ4lq_KBJoF4TTnUxw==

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
344 B 388ms
386ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.disksusiangka.info&_ss=16mo4ru7u1&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=5p0d&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a01e5639db4d9856d75677e2942b3353dbe7c287da34ffa20b95b3004acb2ce

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-t: 0.143
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOIGHkzmcphVjCchH8X3rp2avAXkyD%2FQ6%2BYBrbO5U08iwFbLN83o1LkfvXUzcQ%2FTpK6Hk9l3lEA75Derm6t34JPY9Me4XOUQGf84Hk2dfbHx7uq%2BQH5i5QBJN70Srlzy%2FCFbRkChOu1Umrs%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665004f5d5f5e-SIN
expires: Tue, 06 Feb 2024 21:12:59 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 37D0 1 KB
742 B 388ms
387ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64e1f0895d08d89e7637dc80c8fc225f0b396445c667af55d3f8b8d10776d249

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 851665004f5f5f5e-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
expires: Tue, 06 Feb 2024 21:12:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKzrJHYFlGapPlTrYQkTAaKBztQjAB8drOS7m74zg06zM23y%2Br9%2FZHm416xPVIas7dJfjfheD1ppFormL5U7Wu98FqNCkgP7yxq0gf%2B7MPPwemyKdubQSu5MZyTCLZlFbIOmWWzNKv1rgJQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 63A1 33 KB
11 KB 219ms
153ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1596
x-amz-cf-id: UwNkqQ85X_M_BPBpPYNeffSX_mk9bfiLxsMWsfAT0OAQavFw9PAw-w==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 63A1 51 B
339 B 389ms
388ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.pangkalanhdgroup.com&_ss=4lyhc3zprs&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=sjvv&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65470175409bc240f81a829e2f6516ec88c4eaabadb98164f5e4cefa7c7e6852

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-t: 0.128
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hc2hfPoO303B1%2Fo5C%2FgPvTX1F4Mj4RibG%2F%2BG1Skb5fj9eM11p3JHe%2BwlTSJTw9gsKHHLq1fLy8M8%2B1XQ3GT7kVZbtqzokzWptA4sh8qGrf6ZCvpbGEZeVH5bwI1M2DYccEQq34h6cc0DiX8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665004f615f5e-SIN
expires: Tue, 06 Feb 2024 21:12:59 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame E963 1 KB
748 B 364ms
363ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7854917b34d06d776633ed501e94c7df77a68287259e4009439eb49cfec92f94

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 851665004f635f5e-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
expires: Tue, 06 Feb 2024 21:12:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Di7I4x6HJbshmNYwiNQm8aDVRBqIrCk774TncWWd1ucEvdCa12830aMKDfnW%2FvoSppZHDfqJYxfvRYAdQwwHMv1c6oMbizsIvM%2BE7Mnc1zMoRdpJHf7ljPLpl3bhFW2tcG9iZ0RaJLp6Oog%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 2133 1 KB
742 B 388ms
387ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd865aa494a57d8409f69a8f47b719cbf23c0c6b5796664d6ce5e1303acf35f

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 851665004f655f5e-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
expires: Tue, 06 Feb 2024 21:12:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Bi7DCXhypCGrzM%2FJeoy3jnKqKzKxZtUYkqCymOFhaI7v7NuSy4a%2BVsKQXjrdZUg35tzVtL6Jotebdp7OpLMO34HUU2t6rHVQ1GPSMyLoDQZii2LNqTu70ROOIl2aLpzOIrfXTYTmQGFyUU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame FAB5 1 KB
781 B 355ms
354ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1031c7d12671b0e4ba21ba236f1cadb8f64a96e4d887de61b0719257990ad440

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 851665004f695f5e-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
expires: Tue, 06 Feb 2024 21:12:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5kGuAETbkzqnVGrGxHS9wbjnXZBK730G3EXGG04hGcfglrsVDVwX0oiLcdGBmzBrH8ejGH9F6QoOdD6jl4OmQHaoBqHowVNzYQn8yv3Ypx129zSDzk7WPKQ8MHaum3Nd2eDNP%2BO3EXGCjI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
BLOB 200
OK 685f3076-37cd-453d-aa13-5243480cfa1e
https://vip.poltar2d.info/ Frame AB2A 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.poltar2d.info/685f3076-37cd-453d-aa13-5243480cfa1e
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ Frame D3E5 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame D3E5 75 KB
76 KB 28ms
27ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 135596
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3843e539a6332b1a9fbe89234f98b8d4
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665005a3440eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame C463 15 KB
3 KB 15ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3

200

/ Show response
vip.badutprediction.info/prediksi-sydney/ Frame DE84
Redirect Chain

https://vip.badutprediction.info/prediksi-sydney
https://vip.badutprediction.info/prediksi-sydney/

334 KB
41 KB

247ms
236ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/prediksi-sydney/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

038125817f7c1d347865952503775e536f045b1888d79a3ca72aebb11aaf2e95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/jalur-shio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/55>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=55>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
location: https://vip.badutprediction.info/prediksi-sydney/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame 6B81 435 B
570 B 1722ms
251ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:64431833&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: d17e88dc68df9445e56e8fc6f50ff4ee7b3c53c2a7f9af78ff7e797345b7f61b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:01 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame 86D0 108 KB
13 KB 32ms
24ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 86D0 227 B
284 B 49ms
41ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 86D0 2 KB
376 B 49ms
42ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame 86D0 28 KB
8 KB 50ms
42ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 86D0 86 KB
29 KB 70ms
62ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 86D0 13 KB
5 KB 65ms
58ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 86D0 157 KB
26 KB 23ms
16ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567692
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 86D0 30 KB
7 KB 50ms
44ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048125
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665012c5d89a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 86D0 21 KB
8 KB 28ms
22ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084185
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 86D0 62 KB
16 KB 27ms
21ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368795
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 livechina.php Show response
w1.bungaprediction.com/ Frame 0B17 855 B
791 B 150ms
19ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livechina.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

6da55789d39fc24c0fcef28e6fca1f32988c00cb0aadab8df57a5ee3395f8830

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 415
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame AB2A 11 KB
4 KB 28ms
27ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78801
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665014f7840e8-SIN
content-length: 4547

GET
H2 200 poltar.php Show response
vip.velbettgroup.com/ Frame 2FCB 10 KB
3 KB 81ms
21ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame AB2A 65 KB
65 KB 9507ms
9504ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame AB2A 3 KB
1 KB 21ms
18ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame AB2A 8 KB
2 KB 23ms
20ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame AB2A 6 KB
2 KB 22ms
20ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame AB2A 112 KB
34 KB 23ms
21ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame AB2A 4 KB
2 KB 33ms
31ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame D3E5 435 B
570 B 2222ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mJALUR%20SHIO%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:170635257&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 75c9c37afd683ccdc44fe196f9453bb2e9d54eaeef1db248eed961b91920ed5f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:02 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame AB2A 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame AB2A 75 KB
76 KB 36ms
35ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225039
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665018b5d40eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 86D0 258 KB
258 KB 806ms
805ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 86D0 4 MB
4 MB 838ms
838ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 86D0 53 KB
53 KB 605ms
603ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 86D0 652 KB
652 KB 419ms
409ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:00 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 86D0 397 KB
397 KB 437ms
426ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:00 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 86D0 443 KB
443 KB 9266ms
9256ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 86D0 829 KB
829 KB 9270ms
9259ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 86D0 736 KB
736 KB 9291ms
9280ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 86D0 1 MB
1 MB 9298ms
9288ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 86D0 1 MB
0 9314ms
9303ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 86D0 1 MB
0 9280ms
9267ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 86D0 733 KB
733 KB 9282ms
9270ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 86D0 1 MB
0 9314ms
9303ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 86D0 812 KB
812 KB 9299ms
9287ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 86D0 659 KB
659 KB 9265ms
9254ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 86D0 1 MB
1 MB 9260ms
9249ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 86D0 718 KB
718 KB 9255ms
9244ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 86D0 309 KB
309 KB 9291ms
9280ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 86D0 1 MB
0 9301ms
9291ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 86D0 173 KB
173 KB 9273ms
9263ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame 86D0 1 KB
1 KB 426ms
265ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 4a36cde30fc9ed0494a18b7c62f36e9aa38a1fcbe0b05eea48b4858ee04a42b2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:00 GMT
Connection: close
ETag: -1283929906
Content-Length: 1093
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 86D0 65 KB
65 KB 9382ms
9373ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 86D0 8 KB
2 KB 21ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 86D0 6 KB
2 KB 22ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 86D0 112 KB
34 KB 23ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 86D0 4 KB
2 KB 57ms
47ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame C463 11 KB
4 KB 32ms
31ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78801
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166501bfa740e8-SIN
content-length: 4547

GET
H3

200

/ Show response
vip.poltar2d.info/paito-warna-japan/ Frame 749B
Redirect Chain

https://vip.poltar2d.info/paito-warna-japan
https://vip.poltar2d.info/paito-warna-japan/

274 KB
38 KB

57ms
57ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-japan/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

1d9a92f7ecc3e9444a73ebc62f8e8a9ec3f85553fad9dad37c30486c2e090c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/live-china/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/101>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=101>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
location: https://vip.poltar2d.info/paito-warna-japan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 cc_433.js Show response
s10.histats.com/counters/ Frame CEBC 20 KB
9 KB 31ms
25ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_433.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6faef2a9122a84c8ef399b819a303ed612e3aefded8e5dfca6419bc9a2677de3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 75409
etag: "1576520610"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166501fffa40e8-SIN
content-length: 9094

GET
H2 200 / Show response
e.dtscout.com/e/ Frame CEBC 7 KB
3 KB 345ms
340ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbungaprediction.top%2Fhitung.php&j=https%3A%2F%2Fvip.zona88.top%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4402211.php?4402211&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mAplikasi%20Kalkulator%20Togel%20%7C%20koperangka.com&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s433&@ten-US&@u1600&@b1:15080829&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fbungaprediction.top%2Fhitung.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92d3b285dc9812d04e951429cf430ebbd14cfa07e452ebe080348ce9d7eb6a3e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-t: 0.244
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUpVKpxs87O3l7SZzgLGjPorN2sAlTK5ucyy0c5DaIKqfS0s7XybrAqzuM91p22h%2FnaUBYi4x%2B3XQLuegUYVz%2BjG%2Bzo4IDHd6TY5X21IpUi5%2FGRazpEB3s5u4%2Fnd%2BoLgSXXOSX4K0qNMVPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166501f8f95f5e-SIN
expires: Tue, 06 Feb 2024 21:12:59 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 2FCB 15 KB
3 KB 16ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 5188 13 KB
4 KB 28ms
24ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 69688
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166502382140e8-SIN
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 5188 7 KB
3 KB 373ms
370ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.zona88.top%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-35042843&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 297ca5dd9c836976e24d238428afe02f4eb989884e11da8a872d91da943436e9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
x-t: 0.226
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asoOY5OmD%2FFl6nYK%2Bjg%2FXRzeSojz3cJd%2FYtd%2Fo2awS3gOOsKU%2FPZQ%2FtcG8s%2F8B0yTO1J%2FyVkmGXb%2FePKD1ydRAsi4JYUPVH7twMVlS2dpKmghL2sfQbVV6Mq2WDAdiPHi6eu3ZFqmuZ%2BXTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516650239325f5e-SIN
expires: Tue, 06 Feb 2024 21:12:59 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
950 B 71ms
10ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:52:57 GMT
via: 1.1 c361b447e32886b17f88ee19eae34502.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30002
x-amzn-requestid: da96c2c6-ffd2-4191-bde4-f2701a289040
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StvCmEpTCYcENZw=
content-length: 535
x-amz-cf-id: 6xFb5gG5c8mPwGSd47jjh28q2SKKLr0lgDpTFZpYrZSO1XAKDl7_9g==

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame AB2A 438 B
573 B 2134ms
255ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20CHINA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:160409489&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 9162e03712f096c43bb7b43526e6c1c69942128932d24574b642c0f529b0aaac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:02 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 63A1 535 B
949 B 42ms
10ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:38:56 GMT
via: 1.1 0e1458d4315244c4becc35ec0765ad0a.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30844
x-amzn-requestid: 4eae454e-ae0f-457f-94f1-09f772c70477
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Sts_IGtziYcEGQA=
content-length: 535
x-amz-cf-id: NuOCJtL24_NRw8X4p9nv4ZBmue9CKTWr620jJekXHIIFxeBvGJ_FVQ==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 63A1 535 B
948 B 44ms
12ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:38:56 GMT
via: 1.1 0e1458d4315244c4becc35ec0765ad0a.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30844
x-amzn-requestid: 4eae454e-ae0f-457f-94f1-09f772c70477
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Sts_IGtziYcEGQA=
content-length: 535
x-amz-cf-id: EzfIUwCa-hCA1jaQfZGaKHzDVVNSGgdeEOfAxNScg-oXpfMrcve4Lw==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 63A1 535 B
948 B 42ms
11ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:38:56 GMT
via: 1.1 0e1458d4315244c4becc35ec0765ad0a.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30844
x-amzn-requestid: 4eae454e-ae0f-457f-94f1-09f772c70477
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Sts_IGtziYcEGQA=
content-length: 535
x-amz-cf-id: dwGrfdiswjCR3VvtMwphpOkx_NjicddzZOvKb0qVzw0ojSEYnusIcQ==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 63A1 535 B
949 B 42ms
11ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:38:56 GMT
via: 1.1 0e1458d4315244c4becc35ec0765ad0a.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30844
x-amzn-requestid: 4eae454e-ae0f-457f-94f1-09f772c70477
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Sts_IGtziYcEGQA=
content-length: 535
x-amz-cf-id: QiJgG3hzIH093zbPghJcTsFF188yQB_vqTi_gvX8k3uRNFjkPGZywQ==

GET
DATA 200
OK truncated
/ Frame 86D0 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 86D0 11 KB
4 KB 25ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78801
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166502e87940e8-SIN
content-length: 4547

GET
H2 200 poltar.php Show response
vip.zonafantasi.info/ Frame 538B 12 KB
2 KB 33ms
25ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 749B 108 KB
13 KB 20ms
13ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 749B 227 B
273 B 23ms
16ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 749B 2 KB
376 B 23ms
16ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 749B 28 KB
8 KB 24ms
17ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 749B 86 KB
30 KB 32ms
26ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30412
expires: Tue, 13 Feb 2024 20:52:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 749B 13 KB
5 KB 39ms
32ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4870
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 749B 157 KB
26 KB 22ms
17ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567692
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 749B 30 KB
7 KB 37ms
32ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048125
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665030da789a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 749B 21 KB
8 KB 25ms
20ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084186
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 749B 62 KB
16 KB 26ms
21ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368796
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 749B 258 KB
258 KB 606ms
602ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 749B 4 MB
4 MB 689ms
685ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 749B 53 KB
53 KB 649ms
637ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 749B 652 KB
652 KB 623ms
612ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 749B 397 KB
397 KB 635ms
624ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 749B 443 KB
443 KB 8912ms
8900ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 749B 829 KB
829 KB 8925ms
8910ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 749B 736 KB
736 KB 8932ms
8917ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 749B 1 MB
1 MB 8944ms
8930ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 749B 1 MB
0 8934ms
8919ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 749B 1 MB
0 8947ms
8934ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 749B 733 KB
733 KB 8929ms
8915ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 749B 1 MB
0 8938ms
8925ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 749B 812 KB
812 KB 8925ms
8911ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 749B 659 KB
659 KB 8917ms
8904ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 749B 1 MB
1 MB 8914ms
8901ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 749B 718 KB
718 KB 9377ms
9364ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:10 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 749B 309 KB
309 KB 8933ms
8920ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 749B 1 MB
0 8935ms
8922ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 749B 173 KB
173 KB 8939ms
8926ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 86D0 75 KB
76 KB 31ms
31ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 465119
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0c4f1d4ee3f7913748b6627f04107416
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665037cc040eb-SIN
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame C463 435 B
570 B 1916ms
255ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-74117413&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: d17e88dc68df9445e56e8fc6f50ff4ee7b3c53c2a7f9af78ff7e797345b7f61b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:02 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 live-draw-china.php Show response
rankcrack.com/ Frame D70A 651 B
783 B 69ms
31ms Document
text/html 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/live-draw-china.php
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livechina.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fb574ba0087738e2662388a3f51043e2d9010322bc48390a0a34e1ce588fcac

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85166503d99081b6-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7TceTiD2joEdYeUZ9jvPPX4IrgEsrt6Nwt6N6Zfp6uUSmxxXqvYznqbOhaXaRJ7MM%2BwF4zkuNJwZfe9I6dRSAZLa%2FL%2BWs9SYM9H04Wvy83RB%2BjdagdbuR6JFK7WkbNOkeEshS4JVN%2BPxwLm"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 0B17 11 KB
4 KB 21ms
17ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livechina.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78801
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166503a8dc40e8-SIN
content-length: 4547

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 538B 15 KB
3 KB 12ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 749B 95 KB
32 KB 39ms
28ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 table.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 749B 2 KB
780 B 50ms
38ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 warna.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 749B 13 KB
3 KB 37ms
25ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3215
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 749B 65 KB
65 KB 8910ms
8897ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 749B 3 KB
1 KB 54ms
42ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 749B 8 KB
2 KB 51ms
38ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 749B 6 KB
3 KB 59ms
46ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2490
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 749B 112 KB
34 KB 59ms
46ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 749B 4 KB
2 KB 55ms
43ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame AB2A 18 KB
5 KB 18ms
16ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/paito-warna-taiwan/ Frame D157
Redirect Chain

https://vip.poltar2d.info/paito-warna-taiwan
https://vip.poltar2d.info/paito-warna-taiwan/

274 KB
38 KB

80ms
80ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-taiwan/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

789b226b25971d16ffeb5c6b51feaba8bc833d9179136489936bcd6609f710fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/105>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=105>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:00 GMT
location: https://vip.poltar2d.info/paito-warna-taiwan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 2FCB 11 KB
4 KB 30ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78801
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166504493140e8-SIN
content-length: 4547

GET
H2 200 style5.css
rankcrack.com/css/ Frame D70A 8 KB
2 KB 29ms
27ms Stylesheet
text/css 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/css/style5.css
Requested by: Host: rankcrack.com
URL: https://rankcrack.com/live-draw-china.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8afd8132abd29ec4f4e38e5088bc5cce3b8c65a97439a0f6cacfcf7975b9d144

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://rankcrack.com/live-draw-china.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 07:47:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7160
etag: W/"2b1ea1-1fb2-5f39ea947f180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSw4%2FEKOBQ%2BIPuKtQRnSojFiyMIFmIycKCMGyBCNsKI6OtWxeevPPN9q1T1%2ByfGreAjU%2BbpUPglMT17sX314c%2B6GhFNKHqJGqXxheHhqObn%2FjvtBdUfPwuJKqm%2F35LDTBjxF8mjCrsJ514nJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 851665048a0c81b6-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame D70A 2 KB
976 B 69ms
18ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&display=swap

Requested by

Host: rankcrack.com
URL: https://rankcrack.com/live-draw-china.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://rankcrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 19:51:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 21:13:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame D70A 86 KB
31 KB 78ms
27ms Script
text/javascript 2404:6800:4003:c1c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: rankcrack.com
URL: https://rankcrack.com/live-draw-china.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://rankcrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 08:47:28 GMT

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame DE84 108 KB
13 KB 22ms
13ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame DE84 227 B
271 B 84ms
76ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame DE84 2 KB
374 B 85ms
73ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame DE84 28 KB
8 KB 86ms
74ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame DE84 86 KB
29 KB 279ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame DE84 13 KB
5 KB 236ms
224ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame DE84 157 KB
26 KB 21ms
10ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567693
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame DE84 30 KB
7 KB 45ms
33ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048125
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166504cef289a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame DE84 21 KB
8 KB 27ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084186
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame DE84 62 KB
16 KB 28ms
19ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368796
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 63A1 58 KB
18 KB 96ms
34ms Script
text/javascript 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:34:20 GMT
content-encoding: gzip
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P4
age: 81520
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: INFsM_sgI4M7BHOhn-8G-hK2A3CVQul5_vFZnyhsm3uLMklQfSicNw==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 63A1 0
442 B 452ms
387ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-t: 32.03
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOf3S3t9pk%2Bw%2F3zct3c8idunwHf4CUJ9k1b2M4g0oIRIZWLm04j0VU7Q9TYebTC7vUgh6AaPRxB0WVUlqiiDUfNWq4JsTpeqFpV83h5XICZ6jKWLmCoSqe0CAR2d6qmDLJT2Xo9o3wG5Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 8516650528173e01-SIN
expires: Tue, 06 Feb 2024 21:16:22 GMT

GET
H2

200

52799
stags.bluekai.com/site/ Frame 63A1
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=007f78be-91e5-4d54-8874-1e9e2f52bb83&icm&gdpr=0&gdpr_consent=&cver
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c7d98620ff8ab6e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb

62 B
429 B

228ms
194ms

Image
image/gif

23.207.181.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 23.207.181.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-216.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 06 Feb 2024 21:13:03 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb
content-length: 0

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame 86D0 18 KB
5 KB 40ms
37ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:00 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 58 KB
18 KB 52ms
36ms Script
text/javascript 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:34:20 GMT
content-encoding: gzip
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P4
age: 81520
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: JSzfhMyAhvznKFyPg-c4OXaaX_9Jp-sTm1C38JQf6LVN1dhWXjwFLg==

GET
H2

200

/
spl.zeotap.com/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
https://spl.zeotap.com/?zdid=1332&zcluid=afb678f1b5285b5b

0
0

421ms
111ms

Image
text/html

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1332&zcluid=afb678f1b5285b5b
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Redirect headers

location: https://spl.zeotap.com?zdid=1332&zcluid=afb678f1b5285b5b
content-length: 0

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
608 B 337ms
318ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.disksusiangka.info%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-t: 7.56
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oa3Kde9kVreown%2BhejotBSyltAFb4AI6JgXx%2BqPCEASzwtLlTqfVoadpfqqygIMPvDtIvurRle9eD4ae1rtEuaBmls2k51H%2BjhFW4bMO0RsvIKA8oERt49NxwqgZhRn1HFZPSEWreeYyCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 8516650528193e01-SIN
expires: Tue, 06 Feb 2024 18:52:31 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame D3E5 18 KB
5 KB 172ms
171ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H2

200

52799
stags.bluekai.com/site/ Frame 63A1
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=007f78be-91e5-4d54-8874-1e9e2f52bb83&icm&gdpr=0&gdpr_consent=&cver
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c7d98620ff8ab6e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb

62 B
429 B

216ms
203ms

Image
image/gif

23.207.181.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 23.207.181.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-216.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 06 Feb 2024 21:13:03 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb
content-length: 0

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame 86D0 436 B
571 B 1715ms
253ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-14997093&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 2355c0718f4855e3d2c2488eb10acad260e2911bf7b87a7219d706fc431014d3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:02 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4585452.php Show response
s4.histats.com/stats/ Frame 0B17 436 B
571 B 1738ms
255ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-178958672&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 46e783cb4dac1e26d0b09081e9f5dfa24784153e5e2131c9aa6f72d3ab8f4869

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:02 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame D157 108 KB
13 KB 15ms
14ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame D157 227 B
273 B 19ms
15ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame D157 2 KB
353 B 20ms
16ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame D157 28 KB
8 KB 22ms
18ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame D157 86 KB
29 KB 24ms
20ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame D157 13 KB
5 KB 37ms
33ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame D157 157 KB
26 KB 24ms
21ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567693
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame D157 30 KB
7 KB 40ms
37ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048126
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665058fa589a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame D157 21 KB
8 KB 33ms
30ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084186
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame D157 62 KB
16 KB 34ms
31ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368796
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame D157 258 KB
258 KB 1033ms
586ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:01 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame D157 4 MB
4 MB 1256ms
652ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:02 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame D157 53 KB
53 KB 1107ms
597ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:02 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame D157 652 KB
652 KB 2329ms
729ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:03 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame D157 397 KB
397 KB 2318ms
718ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:03 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame D157 443 KB
443 KB 8496ms
6664ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame D157 829 KB
829 KB 8511ms
6200ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame D157 736 KB
736 KB 8515ms
6120ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame D157 1 MB
1 MB 8524ms
6036ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame D157 1 MB
0 8516ms
5939ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame D157 1 MB
0 8505ms
5840ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame D157 733 KB
733 KB 8518ms
5824ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame D157 1 MB
0 8529ms
5780ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame D157 812 KB
812 KB 8526ms
5765ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame D157 659 KB
659 KB 8501ms
5651ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame D157 1 MB
1 MB 8986ms
5942ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:10 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame D157 718 KB
718 KB 9131ms
6066ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:10 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame D157 309 KB
309 KB 8518ms
5418ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame D157 1 MB
0 8497ms
5305ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame D157 173 KB
173 KB 8503ms
5182ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 538B 11 KB
5 KB 39ms
39ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78802
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665059a2240e8-SIN
content-length: 4547

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame CEBC 58 KB
18 KB 37ms
28ms Script
text/javascript 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbungaprediction.top%2Fhitung.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:34:20 GMT
content-encoding: gzip
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P4
age: 81521
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: I-ImX9hzUzyDYrfeUX6FuyFgFy42ZEgDPk_MJEeAiboTDtss3S9RtA==

GET
H2

200

52799
stags.bluekai.com/site/ Frame CEBC
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=007f78be-91e5-4d54-8874-1e9e2f52bb83&icm&gdpr=0&gdpr_consent=&cver
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c7d98620ff8ab6e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb

62 B
429 B

236ms
199ms

Image
image/gif

23.207.181.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb
Requested by: Host: bungaprediction.top
URL: https://bungaprediction.top/hitung.php
Protocol: H2
Server: 23.207.181.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-216.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 06 Feb 2024 21:13:03 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb
content-length: 0

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame CEBC 0
301 B 317ms
310ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fbungaprediction.top%2Fhitung.php&r=https%3A%2F%2Fvip.zona88.top%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbungaprediction.top%2Fhitung.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-t: 4.96
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0kKTGUa2c%2Bg4X11BNVdqnFgBthAeA4Ds9YslOz1SIr7b8FBDKK6eUWk2KUM1wIwcFUIRD3gI86c2nvRyb%2BirS88IqDsNFZcwYJW1EMqE%2BAH2pF8%2BEsjtzix%2BpVjCPFLFkh%2FnbPOBu71NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85166505b8633e01-SIN
expires: Tue, 06 Feb 2024 18:52:31 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame CEBC 33 KB
11 KB 34ms
27ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbungaprediction.top%2Fhitung.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1597
x-amz-cf-id: nWfhTXxNJIU-T7xV3MslIzHYveVFenY8ER6RKsGbGKu54s74JKHesA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame CEBC 51 B
385 B 388ms
381ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=bungaprediction.top&_ss=3txj1p47r5&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=18s0&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbungaprediction.top%2Fhitung.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b193c454ae90e3db037af742f2fbc98c2e1adaa8e43f1133a1c472ab437525

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-t: 0.152
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CFN5QQzUGV8jhSlVX4Wa3klniiy9%2B6349emTjoKLuRzEIkp8QYJIf1KHwXu3BVa42nNLCTd6E%2BWQSBHmE4CO8%2Be6DT1JSo%2FLAQjU20Kv6aD57sCfRIPX46Ee%2FIbioDf6nCO6itY1NaglC8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85166505bcfa5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:00 GMT

GET
H2 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame AB2A 230 B
540 B 25ms
24ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame AB2A 231 B
541 B 25ms
24ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 749B 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 2FCB 437 B
572 B 2209ms
250ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-144570621&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: d1e8f703775a514b9d8dab40d9471e5d79823f0684afd344ca198d1ced39f791

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:03 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame DE84 3 MB
0 20ms
20ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H2 200 d65abec8672ef99e27d21afccb970afc
secure.gravatar.com/avatar/ Frame DE84 7 KB
7 KB 13ms
6ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/d65abec8672ef99e27d21afccb970afc?s=50&d=mm&r=g
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a0c501601874be315e0cb0190cd5fffb7a323247e9bddc0b5d225d8eddbf7b2c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:01 GMT
last-modified: Tue, 06 Jun 2023 08:44:48 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="d65abec8672ef99e27d21afccb970afc.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/d65abec8672ef99e27d21afccb970afc?s=50&d=mm&r=g>; rel="canonical"
content-length: 7002
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:01 GMT

GET
H2 200 73d6f85363635b9ca230982a772e9f26
secure.gravatar.com/avatar/ Frame DE84 6 KB
6 KB 14ms
8ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/73d6f85363635b9ca230982a772e9f26?s=50&d=mm&r=g
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: eadf6373b403bcb2d38a5731648b6d8783a1b62d2ae14f8ca885a6649450d648

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:01 GMT
last-modified: Sun, 07 May 2023 02:47:45 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="73d6f85363635b9ca230982a772e9f26.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/73d6f85363635b9ca230982a772e9f26?s=50&d=mm&r=g>; rel="canonical"
content-length: 6044
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:01 GMT

GET
H2 200 b8598ace9dfc11d39a2ba3ae4c965a4a
secure.gravatar.com/avatar/ Frame DE84 5 KB
5 KB 12ms
6ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b8598ace9dfc11d39a2ba3ae4c965a4a?s=50&d=mm&r=g
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5837a99ae2084c0efa8e2f5731a515a0f664c82c87929f92e899484c86512031

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:01 GMT
last-modified: Mon, 06 Nov 2023 14:02:13 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b8598ace9dfc11d39a2ba3ae4c965a4a.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/b8598ace9dfc11d39a2ba3ae4c965a4a?s=50&d=mm&r=g>; rel="canonical"
content-length: 5251
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:01 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame DE84 311 B
338 B 2599ms
1808ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:03 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 53ms
21ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1431
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: j_kRvcaVeEAijbU60cCbmUKY4kuULyYaURKT3Nk7t8Qi5hRzJNbejw==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 63A1 5 KB
2 KB 22ms
22ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1431
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: MKbdaCEgYJ_JH8MygEecfwDniq-hJS7GbQzcwTzelcfYeVKRTf8qgw==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 5188 0
444 B 526ms
524ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.zona88.top%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-t: 31.15
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1JnRLSJKwTYsmJZSkuJJEMp6w5T6NGsTjpUo4xMciXnRcso7RVhLWY9tFNp22WIa5K2O9js4M2lW4QCKwmx1h5lKJ60ogqWa9HAvOo7jUNwaguGa47Xj%2BbYkpPl6KZQBBK%2BUOxDoDoHzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 8516650688d83e01-SIN
expires: Tue, 06 Feb 2024 21:13:37 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 5188 33 KB
11 KB 7ms
6ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1597
x-amz-cf-id: xiI-Rm2IcMkVUbFvxzDMdThfRqu-rDPE-eu4as--NMl5Fozmyb3vcQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 5188 0
296 B 368ms
366ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.pangkalanhdgroup.com&_ss=4lyhc3zprs&_pv=2&_ls=1&_cc=sg&_pl=d&_b=chrome%40121&_cbid=6bzb&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-t: 0.323
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azu42CEJFvFmexAFAGJbx5%2FE4%2FBT6sdmrqm9mQ1TyBDbG9OOCh3oDITT1zhd6V9b3h%2B3WoNc%2BHh29rboBloIUcp%2FzOsR%2FLbcGa7Q0KVxVd6%2BS55fc8sryeuGMgWr6p83m5k%2B4mBW%2Bwnl75c%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665069d9f5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:00 GMT

GET
H2

200

52799
stags.bluekai.com/site/ Frame 5188
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=007f78be-91e5-4d54-8874-1e9e2f52bb83&icm&gdpr=0&gdpr_consent=&cver
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c7d98620ff8ab6e8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb

62 B
429 B

252ms
218ms

Image
image/gif

23.207.181.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb
Requested by: Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php
Protocol: H2
Server: 23.207.181.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-216.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 06 Feb 2024 21:13:03 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/52799?id=a0fa214f26d96feb
content-length: 0

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame D157 95 KB
32 KB 24ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 table.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame D157 2 KB
780 B 31ms
19ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 warna.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame D157 13 KB
3 KB 31ms
19ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3215
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame D157 65 KB
65 KB 8494ms
3382ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame D157 3 KB
1 KB 34ms
30ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame D157 8 KB
2 KB 31ms
20ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame D157 6 KB
2 KB 33ms
23ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame D157 112 KB
34 KB 34ms
24ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame D157 4 KB
2 KB 39ms
29ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame DE84 43 B
182 B 257ms
255ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:01 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame DE84 3 KB
1 KB 42ms
40ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame DE84 8 KB
2 KB 8ms
7ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame DE84 6 KB
2 KB 10ms
6ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame DE84 112 KB
34 KB 13ms
9ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame DE84 4 KB
2 KB 42ms
38ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 63A1 4 KB
1 KB 64ms
20ms XHR
application/json 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 01:27:29 GMT
content-encoding: gzip
via: 1.1 6bba44d47d881e087bd912149e58e0ca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 71133
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-id: vIE9mcHNFN-7L6zULOURyu5rcApSPz-vBtzRZ32-z_mN7dtSOAOL5A==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 749B 11 KB
4 KB 29ms
29ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78802
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665077b6c40e8-SIN
content-length: 4547

GET
H2 200 poltar.php Show response
vip.velbettgroup.com/ Frame 8C8A 10 KB
2 KB 19ms
18ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:01 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 749B 75 KB
76 KB 29ms
29ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225040
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166507d81a40eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 43CC 22 KB
12 KB 34ms
27ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72156
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665080b9940e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 43CC 7 KB
3 KB 380ms
373ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBADUT%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-137155803&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68b88582ef21aff042c94869d7d3b794d8c1a087b7f100af3d09648176e7bb99

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-t: 0.296
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOYoxDM6cGM3GYwcdhxOCeSIW5sED7G%2BOLfYJgbR2SfBQaHNnGagYL1oftDFzwIkHBXDTuE9Rig8yi%2Ft4hthS6MgW0n4pk1VLGgS%2FfL15Ak4MKyQwb94Ipq4u5HAgltX7MJg3PswdaJttmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665080e9b5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:00 GMT

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 1951ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-112345651&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:03 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 1980ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-122093585&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:03 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 2042ms
246ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:122539891&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:03 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 2081ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-101449359&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:03 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 2618ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:114707684&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:03 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 2658ms
253ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-106059128&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:03 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 2157ms
257ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-172369867&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:05 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 2192ms
256ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:21343356&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:05 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 2151ms
257ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:3944090&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:05 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 2169ms
255ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:105410808&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:05 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 1707ms
264ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:170938762&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:05 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 1670ms
264ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:39481864&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:05 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 1508ms
250ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-172769127&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:06 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 1490ms
250ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:72029381&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:06 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 1523ms
257ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-43821723&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 538B 439 B
574 B 1491ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-143033652&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame B318 13 KB
4 KB 32ms
28ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 69689
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665082ba440e8-SIN
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame B318 7 KB
3 KB 391ms
387ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-148366652&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2bca8264d1f12612815bbdedb575e9418cd84b12f2e793a20a5a0d5d724fa11

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-t: 0.288
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Btdg3%2BNFNkVg%2BO0RnvIwTbYfei82b6mFltDBGlsvz5ug10GcL%2F8LhMbMU3lE3y%2FoPhqRIiBdYMW4PsYkYnqmJKQqF1iFkB1o6WDrH%2FphqBbmnBGTxbkRIJTtjsAR2v3f8MnA1yZG0vcB%2F0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665082eb25f5e-SIN
expires: Tue, 06 Feb 2024 21:13:00 GMT

GET
H2 200 cc_431.js Show response
s10.histats.com/counters/ Frame E344 18 KB
7 KB 32ms
29ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 83841
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665082ba540e8-SIN
content-length: 7547

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E344 7 KB
3 KB 340ms
337ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-160540882&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f14e51ecf64cf84a4da58729073f507efb796be77f90879b1d3d1c58d775e5f6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
x-t: 0.22
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xr5wuwv8GlYqVR%2FUieFVZPq%2B6ZZxyTbEYPQgW4Nj%2BishsQ%2F%2B09f8K1md6b99qXeio8rJptNz92r7mLvvTLXvkhDSj%2BHEIHwwqFs%2FlmSAwbG3zdXaEFC1ChePAQfGPL8PbBHPM4zmSp3d3S4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665082eb45f5e-SIN
expires: Tue, 06 Feb 2024 21:13:00 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame D3E5 230 B
529 B 30ms
29ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame D3E5 231 B
530 B 29ms
27ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
335 B

208ms
205ms

Fetch
application/json

54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.disksusiangka.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

Redirect headers

location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
access-control-allow-origin: https://vip.disksusiangka.info
date: Tue, 06 Feb 2024 21:13:02 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2

200

v2 Show response
ap.lijit.com/readerinfo/ Frame 63A1
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
337 B

207ms
206ms

Fetch
application/json

54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.pangkalanhdgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

Redirect headers

location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
access-control-allow-origin: https://vip.pangkalanhdgroup.com
date: Tue, 06 Feb 2024 21:13:02 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H3 200 cn.php Show response
rankcrack.com/ Frame D70A 1 KB
738 B 28ms
27ms XHR
text/html 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/cn.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 238e00796cb371bf137fbce58a9f9a19214d38cade514e2a8d77c76f5ad86d44

Request headers

Accept: text/html, */*; q=0.01
Referer: https://rankcrack.com/live-draw-china.php
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCw9qaQCaMDHrzcwRFaiFv5LwhcO9P2IVS1wr0SLODfs9CpP9TylDmd3%2FLcICYqIf%2F%2FMRrulNQRk0DMIAhJ1W%2FSTcjidui1QP6vK7OhTOGPPnz0YaaEqGJWda95AGDmpfVjTt3kLn541o6BT"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 851665083a515658-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame CEBC 535 B
941 B 244ms
243ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
via: 1.1 b716c68c9e650b220840a622019d66e4.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
x-amzn-requestid: cf430f4d-355f-4840-b8cc-312d622ea1e5
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Su4SqHGbCYcEBZQ=
content-length: 535
x-amz-cf-id: A_L61wnHORIe7MErGeHIdhmPEdKUsMZru9oluXfHIjeB1VIKnUzl8w==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 8C8A 15 KB
3 KB 21ms
20ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/prediksi-sydney/ Frame 874B
Redirect Chain

https://vip.poltar2d.info/prediksi-sydney
https://vip.poltar2d.info/prediksi-sydney/

698 KB
70 KB

71ms
71ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/prediksi-sydney/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

47ec6f53300002723b725ad28258ad9022cb54fa109f0e69897d71763435899b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/paito-warna-japan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:01 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/55>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=55>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:01 GMT
location: https://vip.poltar2d.info/prediksi-sydney/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
DATA 200
OK truncated
/ Frame D157 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame DE84 135 KB
135 KB 20ms
20ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 749B 18 KB
5 KB 16ms
15ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame DD1E 13 KB
4 KB 20ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 69689
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516650a7d7240e8-SIN
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame DD1E 7 KB
3 KB 385ms
384ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Fkalkulator-invest%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4772420.php?4772420&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mKALKULATOR%20INVES%20%E2%80%93%20ZONA%2088&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-136672427&@b3:1707253979&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zona88.top%2Fkalkulator-invest%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b5f293b88c1045f30b4b3791972c0fb9b2ee66d0b5e4389cbc18589565ed99

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-t: 0.281
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp3ZzIejt3xU1k6wkepWqRT8UZTTFtvJw8HppzNhhvipVolKqtBHSbOm0wCwLQs5jr0WdD7EOEszqDGrh4xC49Y3QiVdwuEPZBNFvk8NsaNU4a3VcLoP4H0Wp4yHQ5tOTHCWiXuNufeoT54%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516650a785c5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:01 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 5188 5 KB
2 KB 15ms
11ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1431
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: YrYXF-ABKuniGO6l0Mpqs2a_AgwqrHbqVPiX4M_PSSvXQYBYIOwo-A==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 63A1 685 B
2 KB 344ms
81ms XHR
application/json 52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7c5f5e4cc65ff6973a93828af6d174b05cb4ed40dad7f8c09ac5c0ed1d53f252

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vip.pangkalanhdgroup.com
cache-control: no-cache
x-server: 10.42.17.89
access-control-allow-credentials: true
content-length: 685
expires: 0

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 874B 108 KB
13 KB 14ms
8ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 874B 227 B
273 B 15ms
9ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 874B 2 KB
353 B 16ms
10ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 874B 28 KB
8 KB 16ms
10ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:01 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 874B 86 KB
30 KB 21ms
15ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30412
expires: Tue, 13 Feb 2024 20:52:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 874B 13 KB
5 KB 26ms
20ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4870
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 874B 157 KB
26 KB 17ms
11ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567694
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 874B 30 KB
7 KB 30ms
25ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048126
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516650aeb5189a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 874B 21 KB
8 KB 18ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084187
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 874B 62 KB
16 KB 18ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368797
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 874B 258 KB
258 KB 5312ms
566ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 874B 4 MB
4 MB 5116ms
295ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 874B 53 KB
53 KB 5510ms
338ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:08 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 874B 652 KB
652 KB 5852ms
312ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:08 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 874B 397 KB
397 KB 6652ms
309ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:09 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 874B 443 KB
443 KB 7503ms
1018ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:10 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 874B 829 KB
829 KB 7505ms
995ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:10 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 874B 736 KB
736 KB 7491ms
745ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:10 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 874B 1 MB
1 MB 7493ms
732ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:10 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 874B 1 MB
0 7565ms
749ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:10 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 874B 1 MB
0 7743ms
754ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:10 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 874B 733 KB
733 KB 8127ms
755ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:10 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 874B 1 MB
0 8425ms
802ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:11 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 874B 812 KB
812 KB 8415ms
761ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:11 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 874B 659 KB
659 KB 8439ms
771ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:11 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 874B 1 MB
1 MB 8480ms
796ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:11 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 874B 718 KB
718 KB 8999ms
797ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:11 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 874B 309 KB
309 KB 9270ms
800ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:11 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 874B 1 MB
0 9334ms
807ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:12 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 874B 173 KB
173 KB 9547ms
811ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:12 GMT

GET
DATA 200
OK truncated
/ Frame DE84 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET gif.gif
zona-angka.top/wp-content/uploads/2023/06/ Frame DE84 0
0

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 749B 438 B
573 B 2749ms
245ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20JAPAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:149607400&@b3:1707253982&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 28cf2a34f3fc95ce2c4826b99dd7ffdab889d1a7cccca77f70772f2b0fdc671e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame D157 11 KB
5 KB 22ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78803
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516650bddfe40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 283A 10 KB
3 KB 33ms
32ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame DE84 11 KB
4 KB 21ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78803
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516650bfe0c40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.roomangkasa.top/ Frame C51B 10 KB
3 KB 36ms
34ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 2399
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame 039F 112 KB
25 KB 79ms
78ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

c410c9c41c55903e0c2f21b699e8485848c9b3587acc3af141a2077dba012b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:02 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 18a1e3ac1f6c65c911ecff2ec84f74cc
secure.gravatar.com/avatar/ Frame 874B 3 KB
3 KB 18ms
12ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/18a1e3ac1f6c65c911ecff2ec84f74cc?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b3bc87f36189128324553379012da869ef88015dbf6a9e33535bdf09de771083

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:02 GMT
last-modified: Thu, 11 May 2023 05:09:34 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="18a1e3ac1f6c65c911ecff2ec84f74cc.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/18a1e3ac1f6c65c911ecff2ec84f74cc?s=50&d=mm&r=g>; rel="canonical"
content-length: 2605
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:02 GMT

GET
H2 200 c7b37b57c25cdebc25422430bfd9ef0f
secure.gravatar.com/avatar/ Frame 874B 6 KB
6 KB 18ms
12ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c7b37b57c25cdebc25422430bfd9ef0f?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e4da1a45ed746764f7043a54f5c78ac0840286859eddb34428d87f941d351c36

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:02 GMT
last-modified: Fri, 29 Sep 2023 15:10:06 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c7b37b57c25cdebc25422430bfd9ef0f.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/c7b37b57c25cdebc25422430bfd9ef0f?s=50&d=mm&r=g>; rel="canonical"
content-length: 6068
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:02 GMT

GET
H2 200 b56670e2550efc9c17c4db0317240d03
secure.gravatar.com/avatar/ Frame 874B 1012 B
1 KB 19ms
13ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b56670e2550efc9c17c4db0317240d03?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f0b025141ad7acf44c398e0f97eb1f60571ecbcd23394c1c546c97ef83c726ed

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:02 GMT
last-modified: Thu, 11 May 2023 05:04:22 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b56670e2550efc9c17c4db0317240d03.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/b56670e2550efc9c17c4db0317240d03?s=50&d=mm&r=g>; rel="canonical"
content-length: 1012
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:02 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 874B 65 KB
65 KB 9693ms
816ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:12 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 874B 3 KB
1 KB 38ms
35ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 874B 8 KB
2 KB 21ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 874B 6 KB
2 KB 22ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 874B 112 KB
34 KB 22ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 874B 4 KB
2 KB 48ms
38ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame D157 75 KB
76 KB 26ms
26ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225041
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516650c3c3e40eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame DE84 75 KB
76 KB 47ms
45ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 135598
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3843e539a6332b1a9fbe89234f98b8d4
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516650c7c6440eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 8C8A 11 KB
4 KB 25ms
24ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78803
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516650cce9c40e8-SIN
content-length: 4547

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame DE84 18 KB
5 KB 13ms
10ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 749B 230 B
529 B 12ms
11ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 749B 231 B
530 B 13ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 43CC 58 KB
18 KB 24ms
20ms Script
text/javascript 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:34:20 GMT
content-encoding: gzip
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P4
age: 81522
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: NMKB2nq4EqXEjAU3368HUt6OkxS3yjJwk13IjnBZFtTma9EwknwdHQ==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 43CC 35 B
247 B 255ms
253ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 43CC 0
451 B 296ms
293ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2F&r=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-t: 1.72
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8dsDxfY2TSU%2B8w3F5HpYMjnAtowXmeH8NkZUIL8gtQHYlrIcp0O9E4lQGS8zvZr1I8ZkVEiSz08pyH8ZaJncpJOcDC1XqklHWErzDxkoEkUU%2B05qDzZdHYl7mWJeFJv9D57OKUQk0g8Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 8516650d1e3d3e01-SIN
expires: Tue, 06 Feb 2024 18:52:33 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 43CC 33 KB
11 KB 21ms
19ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1598
x-amz-cf-id: otVfl59JeB5t4pKWkDPaUYLtRsVHOZJ3jMdYoavNcrQM4HQO-Pn4ew==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 43CC 51 B
342 B 375ms
373ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=6snwpnk6n2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=4xuu&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 956a07e528dc44c3ecb772fd130c1a63c71f7394bf3338c86ea92ff4ab50fce9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-t: 0.14
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr08%2Fd%2BtNtd09XpwvJ%2BGm4dECfmNicvvKN5HMENv4UKrv96nm9jyiUiMmgCNbKIpDAEoyujCe%2FsTau8KZHbxEBsddv2gB3dd46jyfwhWABvcoSqiE09Xw5Wp%2BxJHUOIjKQ%2B4fDR5%2F%2BpEM5k%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516650d1a175f5e-SIN
expires: Tue, 06 Feb 2024 21:13:01 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame CEBC 5 KB
2 KB 19ms
18ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1432
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: LmYlASW96fFl5nnkEEu89RProW4gz52VgwcAy1B3poidjE8eoVFBzg==

GET
H3

200

/ Show response
vip.poltar2d.info/prediksi-hongkong/ Frame E86F
Redirect Chain

https://vip.poltar2d.info/prediksi-hongkong
https://vip.poltar2d.info/prediksi-hongkong/

666 KB
73 KB

56ms
55ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/prediksi-hongkong/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

e60ddf53483a699a802aff60e3a086db0e8b87877e960b89b069c393a5308bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/paito-warna-taiwan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:02 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/57>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=57>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:02 GMT
location: https://vip.poltar2d.info/prediksi-hongkong/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 283A 15 KB
3 KB 11ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame C51B 15 KB
3 KB 10ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3

200

/ Show response
vip.badutprediction.info/prediksi-taiwan/ Frame 0F3C
Redirect Chain

https://vip.badutprediction.info/prediksi-taiwan
https://vip.badutprediction.info/prediksi-taiwan/

106 KB
21 KB

259ms
259ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/prediksi-taiwan/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

2a7c3271c7be094b18da1806d3105dbf933d12d32627a0dfefeef7837bcba00e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/prediksi-sydney/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:02 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/91>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=91>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:02 GMT
location: https://vip.badutprediction.info/prediksi-taiwan/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame E344 58 KB
18 KB 16ms
14ms Script
text/javascript 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:34:20 GMT
content-encoding: gzip
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P4
age: 81522
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Wm-JlrF4LtIhd6eP2el0j4k7gRaTkQKo5YLsIzJOXiOI7otw4clysg==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame E344 35 B
247 B 261ms
260ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E344 0
438 B 276ms
274ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-t: 1.13
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6SAlPz%2Fp5ytareCy0i5rTY3gxtsDCs68%2FGE5v0%2BOVFHYrM%2BXbN5vNfVb%2Fa8gRdqf8hdaXcdfqRnnniOjbf8I0uvAKImFE3vMx855b8le7%2FtA5TcauqnjWTmpG3%2F5lVo4b0s00sUaTE0tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 8516650d8e763e01-SIN
expires: Tue, 06 Feb 2024 20:47:18 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E344 33 KB
11 KB 18ms
16ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1598
x-amz-cf-id: c_mq32yiHm87vFwm8Zws0zL7xsAH-7JzlikNJ26BbwOUqlbt5SBsHA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame E344 51 B
337 B 350ms
349ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonafantasi.info&_ss=woyan4849m&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=1nzy&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4793b754e750d6c2971bc444686c006ad5f482c37e67a7afaf21525120766c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-t: 0.153
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSe59TIq9fG20Y%2F%2FfoSOYRoFqyj5s5jNViWPJ5a%2Bfukj60Kd2QgZ8tVZ9INVg8igV7MueLcDPs5vF3pSEQzi%2F6FLcNPD8KVn3F0GusgFYLmhRw1jiff5I6WiGLfDft5RnRLfjmvkJ1UbaVA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516650d9a5e5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:01 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame D157 18 KB
5 KB 14ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
DATA 200
OK truncated
/ Frame 43CC 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame B318 58 KB
18 KB 30ms
7ms Script
text/javascript 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:34:20 GMT
content-encoding: gzip
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P4
age: 81522
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: UHzISsdNz2ClaqHc4JLAwOhjyrMNMWtYrynxbEq7QVNCzjsfeNq3rw==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame B318 35 B
247 B 258ms
254ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame B318 0
547 B 393ms
371ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-t: 26.86
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lP41CRVLnWah3j4wARtwL%2BOhP9nbkOlUCO4dRuYZOoNoyyREUjDu1h%2B4toFJKWB2U8eRCLX2KrzgG6nk9CjAeNcswBoSMbkHA9VOXhDPRCn8L9x3btgyevdOeur1Gnjd%2FYGCBgKHipplTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 8516650f48803e01-SIN
expires: Tue, 06 Feb 2024 21:16:24 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame B318 33 KB
11 KB 47ms
24ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1598
x-amz-cf-id: miqK5ayt1A8bQHNTTDsINvUjHgxaXpiqAOXnHcXKhRzy9RK-GusaKQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame B318 51 B
343 B 398ms
375ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=1k5shfatpr&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=5mnj&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e389c1615870f65a3f68aa47dc6415511bc8dfe68a98358243f09819ddc9d31

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-t: 0.135
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koQOrBorjoWmMwLM7bJr9qeCBeAgNo7o8ZKK6%2BEE3egIuUvWzhnGy53ZUlDtWJ%2BYKxBeokHtTVzMJJFNcmfkgHAfh%2BtC1No1ri%2F1rUWvCqN8iAMUEbtdvHci5SWNImtA6TSuhfCdbrIkp%2BA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516650f6b9b5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:01 GMT

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame 039F 108 KB
13 KB 20ms
8ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 039F 227 B
284 B 21ms
10ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 039F 2 KB
376 B 22ms
10ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame 039F 28 KB
8 KB 23ms
11ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 039F 86 KB
29 KB 27ms
16ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 039F 13 KB
5 KB 36ms
24ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 039F 157 KB
26 KB 28ms
17ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567694
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 039F 30 KB
7 KB 39ms
28ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048127
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516650f4e3389a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 039F 21 KB
8 KB 36ms
23ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084188
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 039F 62 KB
16 KB 37ms
24ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368797
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 039F 258 KB
258 KB 4599ms
460ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 039F 4 MB
4 MB 4422ms
281ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 039F 53 KB
53 KB 9310ms
300ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:12 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 039F 652 KB
652 KB 9615ms
299ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:13 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 039F 397 KB
397 KB 9848ms
313ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:13 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 039F 443 KB
443 KB 10544ms
834ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:13 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 039F 829 KB
829 KB 10531ms
815ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:13 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 039F 736 KB
736 KB 10839ms
945ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:13 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 039F 1017 KB
0 10842ms
948ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:13 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 039F 1012 KB
0 11010ms
911ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:14 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 039F 1023 KB
0 10816ms
645ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:14 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 039F 733 KB
733 KB 10990ms
673ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:14 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 039F 992 KB
0 11341ms
940ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:14 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 039F 812 KB
812 KB 12258ms
823ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:15 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 039F 659 KB
659 KB 12436ms
787ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:15 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 039F 876 KB
0 12758ms
843ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:15 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 039F 718 KB
718 KB 13035ms
1066ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:16 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 039F 309 KB
309 KB 12567ms
580ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:15 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 039F 845 KB
0 12613ms
581ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:16 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 039F 173 KB
173 KB 13644ms
958ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:16 GMT

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame 039F 1 KB
1 KB 782ms
249ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 4a36cde30fc9ed0494a18b7c62f36e9aa38a1fcbe0b05eea48b4858ee04a42b2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
ETag: -1283929906
Content-Length: 1093
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 039F 65 KB
65 KB 13573ms
707ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:16 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 039F 8 KB
2 KB 19ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 039F 6 KB
2 KB 20ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 039F 112 KB
34 KB 22ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 039F 4 KB
2 KB 31ms
18ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:03 GMT

POST
H2 200 a
a.dtssrv.com/ Frame 63A1 0
445 B 327ms
266ms Ping
text/html 2606:4700:3036::ac43:a392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A01707253979BCFF8072BEF59FBE4F&k=lotpano&v=6c29fc5aadea751b0b1d3620a6efa9fb927a6f2d07eae536a8b443b67554abb9
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwOMO3HGupuTqgR5GaVKXZ%2FMoZwGRd9NcqO3piPWnwxxY2x%2FjTxwYgRomCEg6GQ%2F%2FXksqA4GzSR7HaJ11gb5%2B6G2p2r7S9pa1RcR5mIDR2FXyz9sO2hpazauXfi1RqYDr%2Ft3cTBXwcHkfKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8516650fba892e7a-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 744A 2 KB
1 KB 30ms
23ms Document
text/html 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 5344
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Feb 2024 19:43:58 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
x-amz-cf-id: KohWRUIokCyQ7if39zwaI1tQU-mmi-_5JJsL7oy_fAk1iBLgEj4pvQ==
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 6B81 22 KB
12 KB 32ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72157
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516650f884640e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6B81 7 KB
3 KB 352ms
346ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:64431833&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49a3494c37f14af1a6e4fd2b12673e45f1b9a167eed81aeffe39bb983ce4e6c7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
x-t: 0.225
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbdEIoxV78uVcFjXFVgyp97Y69zdpMQlmvxo0z2VxqBXAsYUUsBqILh%2BH9uPSrxl2Xt3nSPhOZZm58XOp0t4NLLTHIxoiO7MXHR8c4TffiN4JN2mQU3MAaRYEm1RztDE1XfJ8AVhYG9efxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516650f9bd65f5e-SIN
expires: Tue, 06 Feb 2024 21:13:01 GMT

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame E344 35 B
247 B 254ms
253ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E344 33 KB
11 KB 18ms
18ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1598
x-amz-cf-id: rZ0J4VVXaVPQ2vQeVrWVCbZwxJT1SLX2VK9hW8pZUhB3ps-z9qJfnw==

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame E86F 108 KB
13 KB 34ms
29ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame E86F 227 B
273 B 37ms
31ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame E86F 2 KB
353 B 37ms
31ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame E86F 28 KB
8 KB 34ms
28ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame E86F 86 KB
29 KB 38ms
33ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame E86F 13 KB
5 KB 49ms
44ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame E86F 157 KB
26 KB 41ms
37ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567695
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame E86F 30 KB
7 KB 53ms
49ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048127
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665104e9389a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame E86F 21 KB
8 KB 43ms
40ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084188
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame E86F 62 KB
16 KB 44ms
41ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368798
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame E86F 258 KB
258 KB 4935ms
352ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame E86F 4 MB
4 MB 4982ms
397ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:07 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame E86F 53 KB
53 KB 13316ms
563ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:16 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame E86F 652 KB
652 KB 13184ms
389ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:16 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame E86F 397 KB
397 KB 13286ms
293ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:16 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame E86F 443 KB
443 KB 14147ms
887ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:17 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame E86F 774 KB
0 14174ms
849ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:17 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame E86F 736 KB
736 KB 14179ms
842ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:17 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame E86F 772 KB
0 13971ms
546ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:17 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame E86F 708 KB
0 14579ms
671ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:18 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame E86F 745 KB
0 14583ms
664ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:18 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame E86F 723 KB
0 14991ms
795ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:18 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame E86F 684 KB
0 15565ms
738ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame E86F 670 KB
0 15584ms
743ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame E86F 633 KB
0 15618ms
752ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame E86F 635 KB
0 15663ms
763ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame E86F 647 KB
0 16088ms
684ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame E86F 309 KB
309 KB 17676ms
2065ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame E86F 609 KB
0 17564ms
1791ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame E86F 173 KB
173 KB 17578ms
1784ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H2 200 23ec680540d3a41649109e00354ee326
secure.gravatar.com/avatar/ Frame E86F 5 KB
6 KB 27ms
2ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/23ec680540d3a41649109e00354ee326?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e02ac2fe31db1f9e6240716552f22ddfec82fa94d717f80e1e2a98a62d661b4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:03 GMT
last-modified: Mon, 04 Apr 2022 05:53:03 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="23ec680540d3a41649109e00354ee326.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/23ec680540d3a41649109e00354ee326?s=50&d=mm&r=g>; rel="canonical"
content-length: 5340
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:03 GMT

GET
H2 200 c7b37b57c25cdebc25422430bfd9ef0f
secure.gravatar.com/avatar/ Frame E86F 6 KB
6 KB 27ms
3ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c7b37b57c25cdebc25422430bfd9ef0f?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e4da1a45ed746764f7043a54f5c78ac0840286859eddb34428d87f941d351c36

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:03 GMT
last-modified: Fri, 29 Sep 2023 15:10:06 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c7b37b57c25cdebc25422430bfd9ef0f.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/c7b37b57c25cdebc25422430bfd9ef0f?s=50&d=mm&r=g>; rel="canonical"
content-length: 6068
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:03 GMT

GET
H2 200 fd7ef5d99c61e6619112ce7b29cb8bc1
secure.gravatar.com/avatar/ Frame E86F 2 KB
2 KB 25ms
1ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/fd7ef5d99c61e6619112ce7b29cb8bc1?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1259bd6af9ec9598817124ee0e150fb1a05b53d962895069a67ea1fe4af5032d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:03 GMT
last-modified: Thu, 11 May 2023 05:22:22 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="fd7ef5d99c61e6619112ce7b29cb8bc1.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/fd7ef5d99c61e6619112ce7b29cb8bc1?s=50&d=mm&r=g>; rel="canonical"
content-length: 2004
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:03 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame E86F 65 KB
65 KB 17737ms
1920ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:20 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame E86F 3 KB
1 KB 21ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E86F 8 KB
2 KB 26ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E86F 6 KB
2 KB 27ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E86F 112 KB
34 KB 29ms
15ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame E86F 4 KB
2 KB 30ms
17ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 5188 41 B
337 B 287ms
286ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.pangkalanhdgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame DE84 435 B
570 B 1927ms
239ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20SYDNEY%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:130417574&@b3:1707253983&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 75c9c37afd683ccdc44fe196f9453bb2e9d54eaeef1db248eed961b91920ed5f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame D157 438 B
573 B 1981ms
253ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20TAIWAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:192653241&@b3:1707253983&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 28cf2a34f3fc95ce2c4826b99dd7ffdab889d1a7cccca77f70772f2b0fdc671e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame 0F3C 108 KB
13 KB 9ms
9ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 0F3C 227 B
271 B 43ms
41ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 0F3C 2 KB
374 B 44ms
41ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame 0F3C 28 KB
8 KB 44ms
41ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 0F3C 86 KB
29 KB 118ms
115ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 0F3C 13 KB
5 KB 103ms
100ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 0F3C 157 KB
26 KB 17ms
15ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567695
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 0F3C 30 KB
7 KB 24ms
22ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048128
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665123f5889a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 0F3C 21 KB
8 KB 16ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084188
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 0F3C 62 KB
16 KB 19ms
17ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368798
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame 0F3C 3 MB
0 22ms
20ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 21:13:03 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame 0F3C 311 B
338 B 9356ms
575ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:12 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame 0F3C 43 B
182 B 258ms
255ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame 0F3C 3 KB
1 KB 112ms
109ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 0F3C 8 KB
2 KB 18ms
14ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 0F3C 6 KB
2 KB 18ms
14ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 0F3C 112 KB
34 KB 18ms
15ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 0F3C 4 KB
2 KB 53ms
49ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 8C8A 437 B
572 B 1895ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:109723625&@b3:1707253983&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: d1e8f703775a514b9d8dab40d9471e5d79823f0684afd344ca198d1ced39f791

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame DD1E 58 KB
18 KB 26ms
24ms Script
text/javascript 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Fkalkulator-invest%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:34:20 GMT
content-encoding: gzip
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P4
age: 81523
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: IAAr93BQIm7VZods40arGkP3l6_t2GDcPiZcmRKPQGH2pgK7ouczxA==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame DD1E 35 B
247 B 259ms
259ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Fkalkulator-invest%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame DD1E 0
445 B 355ms
354ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zona88.top%2Fkalkulator-invest%2F&r=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Fkalkulator-invest%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-t: 0.98
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vL11S0lf3%2FjHfAYzSymBwMf3RtZ%2BYyc1i4oSe%2BIP76CxwHDVZPp1MgA9aqKd7s66GqlH3G7lUgl93XDda6zmKjxJR0BKlBtOp%2FOfYAzjXKTFbbvIwXIjcGpiH90zIsKFvP2a4mQM3dG%2BGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 851665129a493e01-SIN
expires: Tue, 06 Feb 2024 21:13:39 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame DD1E 33 KB
11 KB 23ms
23ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Fkalkulator-invest%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1599
x-amz-cf-id: nxhDMQx2yfFQ1za8BxdR1TO8_fz8IGiXzOzRHPbonQj76O7i4nNl3w==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame DD1E 51 B
400 B 335ms
335ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zona88.top&_ss=6tp48o22am&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=4nuy&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Fkalkulator-invest%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad6d6040ca18fd1009d68ffeca180c0b0d2adb36f3555a7fed83ccb7e00ad52e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-t: 0.125
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHB%2FMT1CP7HnypRYp7%2FI8fKGq2EWqoUaKV2Yd8B3JFVgPcQmYDjCoOjqBVNYn02as57Hz%2BiVX0L4ZvV53tZLIf0ViRqRGF3KzXrWG%2BY%2BROFH6GTmvnrljrJxYELZ%2FQzZ4ZEfnUr18klBl0c%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665129e2a5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:02 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame DE84 231 B
530 B 15ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2611.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame DE84 482 B
781 B 12ms
11ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2611.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2c43a255e95fbdf338309f6c22ac82b0d7fa1a37ee9c97caf5e40d3fed96f8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 482
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c7b37b57c25cdebc25422430bfd9ef0f
secure.gravatar.com/avatar/ Frame 874B 6 KB
6 KB 11ms
10ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c7b37b57c25cdebc25422430bfd9ef0f?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e4da1a45ed746764f7043a54f5c78ac0840286859eddb34428d87f941d351c36

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:03 GMT
last-modified: Fri, 29 Sep 2023 15:10:06 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c7b37b57c25cdebc25422430bfd9ef0f.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/c7b37b57c25cdebc25422430bfd9ef0f?s=50&d=mm&r=g>; rel="canonical"
content-length: 6068
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:03 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame CEBC 41 B
332 B 212ms
209ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://bungaprediction.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 283A 11 KB
5 KB 31ms
30ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78804
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166512ea9840e8-SIN
content-length: 4547

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame C51B 11 KB
5 KB 23ms
22ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78804
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166512fa9940e8-SIN
content-length: 4547

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame D157 230 B
529 B 8ms
7ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame D157 231 B
530 B 8ms
7ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 874B 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET gif.gif
zona-angka.top/wp-content/uploads/2023/06/ Frame 874B 0
0

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame D3E5 22 KB
12 KB 26ms
23ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72158
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665144b6540e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame D3E5 6 KB
3 KB 339ms
336ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mJALUR%20SHIO%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:170635257&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6180afbd70e2eb56fcaa48cdc90cfd02601557035def0183b3d8b6a2b660d6f7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-t: 0.505
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clf5hkAI8r8l2mn8kjiRMYoch4lMcw%2BtyMiQ6wjfVqbO0ggW1gjGOZqvwpoYqdqdziFB1Eplcgp2ELmtzU%2B9pq6hq8ouz1IDVKX7T0%2BiaUeHQYEwlzWqA%2FM0KQY0t9FrOfhVUNdd96Eo0Yg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166514580e5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:02 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 43CC 535 B
939 B 657ms
650ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
via: 1.1 a7e33ae8a84f3c5c69af4a152ea56772.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
x-amzn-requestid: 62f3d693-c6bc-4534-ade9-788a1ccc95de
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Su4TCFIHiYcESFg=
content-length: 535
x-amz-cf-id: UvD1zBbfJjrZU3n4A34tyMXl7DkoPL123Lho79O19BV60SmszCeoFQ==

GET
DATA 200
OK truncated
/ Frame 039F 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame E344 535 B
948 B 19ms
16ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:38:28 GMT
via: 1.1 166ec48f4a102162fe7c4564d0e4d344.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30875
x-amzn-requestid: 6151a339-6fb6-413b-b95f-615b61ca37bb
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Sts6yGpgCYcERUQ=
content-length: 535
x-amz-cf-id: FkSUkvgawdAtxjYsDtbpk2WKD6Wm3KrheQXFSj0fWfI4vyBxapobkQ==

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame AB2A 16 KB
6 KB 32ms
28ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13065
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665153c0140e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame AB2A 6 KB
3 KB 355ms
352ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20CHINA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:160409489&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ee0942e99bc928aa018d4c21216cc548baa5af77cb0c323052988d4701dc74

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-t: 0.283
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuuDnKKHpsfMH3Q%2BFjzvrzzP5vhhqkevSpCrMDgdKmuwTFH4LRwwPltu%2B1iUqk7OKOTlU%2FfMjKBq5iVa6Jhm7PQnNTmaHRhVZlcVonx7CbvXr5vNmWyBl787B5FahKKfuujyG3xLdpkVrp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166515497b5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:02 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame C463 22 KB
12 KB 29ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72158
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665153c0240e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame C463 6 KB
3 KB 368ms
366ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-74117413&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35e43b56fadbb99e265ebc3187f0d0931cd4e593f3e2ad757c04423a20d5e08d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-t: 0.197
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99M3lZZaEaGXD5aqI6DneWVMJVmxVKhEGE7BA0ZdinDQPC0vnREz57YELmyNsqDKrgI8zMXaBcakAfo5ZthuDz4Lp67qn5bUcwuES9gIpWXg4G2qKHYyPoa7Nf2J77teg3maTUK1%2B34XdIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166515497c5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:02 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 86D0 13 KB
4 KB 26ms
23ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 69691
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665154c0b40e8-SIN
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 86D0 6 KB
3 KB 367ms
364ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-14997093&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2008023d6a4f8e6b62313df41fafc84201fe6de1fb2b43076619dfc245528fad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-t: 0.245
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSu%2BP0AJlNrCEodcyvV7cn5pcUYGk9iicpPrHZGsAcP3Wl01idPFB4Qe8LiC%2FopOo1XtvB3T1IYrjdbhJeY2i6FtQXtrL4l2Q%2BleGa%2BdHcPU%2Bhsjtq12oAxT%2FzxXV9FBEI%2FCtHou2T7mQkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516651559855f5e-SIN
expires: Tue, 06 Feb 2024 21:13:02 GMT

GET
H2 200 cc_329.js Show response
s10.histats.com/counters/ Frame 0B17 18 KB
7 KB 24ms
24ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_329.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 60850
etag: "1331309106"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665155c0c40e8-SIN
content-length: 7420

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 0B17 6 KB
3 KB 343ms
343ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-178958672&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1862cbc949968acad1d272ecc52e35eebb6f905994741e300129400171af2feb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-t: 0.231
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsnLOmw5x2%2FGW8yIq%2BKT1B9tgsNZ3lOe8hdMVlhctfnlcJ8%2FMJwr7oYFG%2FL4btqecFeFSqN1kvOCyMiL0iVdmQHn1W%2Btl0JPND8OOktw%2FxxYtT5Ww0vGje3n69x5gK3UUJF1XuoIO6qaHsc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516651559865f5e-SIN
expires: Tue, 06 Feb 2024 21:13:02 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E344 0
434 B 364ms
344ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
x-t: 2.31
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYWoKF%2FS%2FA%2FvbZ6GkLt2%2FBKVTcn81ZCT6l2uKYZ4GlNQru7o16wVDSVHfxjE4huNweIrjTjO4rjsxacZypPznmG%2FPaPTceo3l972qK06gGF9zCtzO5IlKv%2FvR8tQhAEQhJlJdcwUHF%2FL8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 851665158d323e01-SIN
expires: Tue, 06 Feb 2024 20:47:20 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E344 33 KB
11 KB 24ms
4ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1599
x-amz-cf-id: aYqxBVCSG08U374yO1mLQsx6WJchxDTRTuXAtfXyP0uvh2CQUM2EYQ==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame E344 35 B
247 B 268ms
257ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame B318 535 B
940 B 259ms
242ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
via: 1.1 a7e33ae8a84f3c5c69af4a152ea56772.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
x-amzn-requestid: c8f25342-1dc6-4f72-8ded-990236639487
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Su4TAGA1CYcEdPA=
content-length: 535
x-amz-cf-id: wDXMkxnDPAL58mAJah7j5_jg92RGyIHh6dWHcUrqDGGWe1Qp-45bFg==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 039F 11 KB
5 KB 27ms
13ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78804
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665159c3340e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.zonafantasi.info/ Frame FBEB 12 KB
3 KB 13ms
8ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:03 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame CEBC 4 KB
1 KB 15ms
5ms XHR
application/json 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://bungaprediction.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
content-encoding: gzip
via: 1.1 6bba44d47d881e087bd912149e58e0ca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 34850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-id: Tfh542KH06MkjRd-hO2Kuk95Mb43RrmXxnVtGJ82CwI5D3akWZJaMA==

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 039F 75 KB
76 KB 22ms
21ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 465122
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0c4f1d4ee3f7913748b6627f04107416
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665165be940eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame E344 535 B
949 B 29ms
29ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:38:28 GMT
via: 1.1 166ec48f4a102162fe7c4564d0e4d344.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30875
x-amzn-requestid: 6151a339-6fb6-413b-b95f-615b61ca37bb
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Sts6yGpgCYcERUQ=
content-length: 535
x-amz-cf-id: FGrzSViNk7SHBtl7QbDvpHNrfT--MN0sLJmco9jDPDp6VESqEv7Wgg==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame E344 535 B
948 B 29ms
28ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:38:28 GMT
via: 1.1 166ec48f4a102162fe7c4564d0e4d344.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30875
x-amzn-requestid: 6151a339-6fb6-413b-b95f-615b61ca37bb
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Sts6yGpgCYcERUQ=
content-length: 535
x-amz-cf-id: wVHMCseA98e6OGTwrY0vXqS4C_pe-jNUehtkEJIy2oqAkuczxOUgHA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame E344 535 B
940 B 27ms
27ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:38:28 GMT
via: 1.1 166ec48f4a102162fe7c4564d0e4d344.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30875
x-amzn-requestid: 6151a339-6fb6-413b-b95f-615b61ca37bb
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Sts6yGpgCYcERUQ=
content-length: 535
x-amz-cf-id: wBFIiGufDNGEVf5DIN_FS28z1klM2ka3WIBmSM11FKSHv3cYfDuJVQ==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame E344 535 B
939 B 28ms
27ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:38:28 GMT
via: 1.1 166ec48f4a102162fe7c4564d0e4d344.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30875
x-amzn-requestid: 6151a339-6fb6-413b-b95f-615b61ca37bb
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Sts6yGpgCYcERUQ=
content-length: 535
x-amz-cf-id: DbM6z4Ew2dEbfo2swCn5QhBFvcYqDiXbF3wh9lh2GXButYd5aRlCHw==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 6B81 58 KB
18 KB 36ms
35ms Script
text/javascript 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:34:20 GMT
content-encoding: gzip
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P4
age: 81523
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: yBTzALlmB8JfjevSRxYLMY0ja46iOupv-6QZrEm-W_Hl08_v4duVXA==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 6B81 35 B
247 B 259ms
258ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A01707253979BCFF8072BEF59FBE4F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6B81 0
473 B 293ms
292ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
x-t: 1.23
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0O5uc3xly7gv%2BomF128jETraikRTHwgWQz6zCS9YRx%2F15A4l5tdF%2Fq%2FRFd%2BfWHTThZwTBcdnhGGle3PnGS0%2BgcAwTe8PLV1kwUmlMuenG%2BRp%2FMhQV6cS9e7OO5MJdRThz7hMcYljYPfTog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 851665173e1b3e01-SIN
expires: Tue, 06 Feb 2024 21:16:25 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6B81 33 KB
11 KB 33ms
33ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1599
x-amz-cf-id: PNITioror_yanZvyP14QANW4U5SAyJVcMd8c5G6uk188SR7VcWHLbQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6B81 51 B
389 B 381ms
380ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=twqq6o3xxo&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=3l4p&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 963dc880d03e841ab5565b47af9e03b1a5132d5d34b3221bfec3f85b7e9a0c9c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
x-t: 0.12
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxJv4Wc1%2FNUgMVrOIJv8E0EXKMtaPKyDjKzWqMRvoAsZIQm%2Foe%2BjvsXHf3BFuE20oIWchzaDqDPYbHTVmQElGGDHWcMVTl7S19%2F5J1TbCMq5AN933hp1YwMO1iWjmgADISWozwMyamt3kgM%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665174a7f5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:03 GMT

GET
H2 200 fd7ef5d99c61e6619112ce7b29cb8bc1
secure.gravatar.com/avatar/ Frame E86F 2 KB
2 KB 29ms
29ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/fd7ef5d99c61e6619112ce7b29cb8bc1?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1259bd6af9ec9598817124ee0e150fb1a05b53d962895069a67ea1fe4af5032d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:03 GMT
last-modified: Thu, 11 May 2023 05:22:22 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="fd7ef5d99c61e6619112ce7b29cb8bc1.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/fd7ef5d99c61e6619112ce7b29cb8bc1?s=50&d=mm&r=g>; rel="canonical"
content-length: 2004
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:03 GMT

GET
DATA 200
OK truncated
/ Frame E86F 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET gif.gif
zona-angka.top/wp-content/uploads/2023/06/ Frame E86F 0
0

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame FBEB 15 KB
3 KB 7ms
6ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/paito-warna-taiwan/ Frame 6C18
Redirect Chain

https://vip.poltar2d.info/paito-warna-taiwan
https://vip.poltar2d.info/paito-warna-taiwan/

274 KB
38 KB

59ms
59ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-taiwan/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

c15113fa01b194ad2604e6adfc0681ee08a07f780c62e1cb72a303ad27714c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:04 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/105>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=105>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:04 GMT
location: https://vip.poltar2d.info/paito-warna-taiwan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame C51B 435 B
570 B 2157ms
248ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-138833902&@b3:1707253984&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: d17e88dc68df9445e56e8fc6f50ff4ee7b3c53c2a7f9af78ff7e797345b7f61b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:06 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 283A 437 B
572 B 2218ms
244ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:74844923&@b3:1707253984&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: d1e8f703775a514b9d8dab40d9471e5d79823f0684afd344ca198d1ced39f791

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:06 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 2FCB 18 KB
8 KB 41ms
33ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44468
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166519df0840e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 2FCB 6 KB
3 KB 388ms
380ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-144570621&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffad36979d3e4da739e3e97198cc676a4a8929e291893df2311774da9ddd6839

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
x-t: 0.243
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDZVL%2FngnULi4zwXwFb5dL2ERpoePaLhR0yTwFXDfgEJBuxdQKJsyonyOJi%2FjeZUpcL8eKLyJSa3Ar7qJJYAoizm69bpvO4tvNFXmSSEpSv6Sl5bjcMhnymcrtSh5Egkzifk5wlFxewONvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166519ec0f5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:03 GMT

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E344 6 KB
3 KB 360ms
353ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:132846935&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914c343404224efbc142074a3964c557ec6052798ffa2481de336216b82b2cd9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
x-t: 0.243
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lvQqxvoY1yKeEJ0xlyeyXmsYwAslTZhnAtj%2ByDniPsPMLBP3DTPuPCZ3mmYUhotTmP%2Fe%2B%2F6cL5HLE0yoyCLF9vN5f6tJsCq7EmQObzzgNosC2vMbBRyWJpZsPIT2ptiHoKMB8EvGd1Mz4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166519ec115f5e-SIN
expires: Tue, 06 Feb 2024 21:13:03 GMT

GET
H2 200 cc_431.js Show response
s10.histats.com/counters/ Frame 538B 18 KB
7 KB 37ms
32ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 83844
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166519df0940e8-SIN
content-length: 7547

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 538B 6 KB
3 KB 390ms
385ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-112345651&@b3:1707253981&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142284b9a017c0b092cfb84bc4aa01eda7b05c3a076ae5a785fd403c78650620

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
x-t: 0.228
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqOdqv1yG47R9%2FDHcf9cshgiX4BTmmKuTXTNtmop2lbNMczmucrwNixNlA%2FYeXCRk6iEht59SDzn4V9hOnUjastrgpDTaUJnnfFZQyWyquV0rwk3YHgidWTTNobZKhZUCldt3ezaQ1sJzc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166519ec125f5e-SIN
expires: Tue, 06 Feb 2024 21:13:03 GMT

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame 0F3C 135 KB
135 KB 11ms
11ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame DD1E 535 B
948 B 13ms
12ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:31:19 GMT
via: 1.1 38eb3b83cf2430e0a8a6f4d2dec3babc.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 31305
x-amzn-requestid: 0f7e2b07-2307-4810-b74a-5188e3f389bf
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Str3tFvoCYcEv0g=
content-length: 535
x-amz-cf-id: SHVD0mevsoV29cSVui6WgLU903RjzeW4bBj6LU36xVKVwV5QFDUyZQ==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame CEBC 312 B
1 KB 38ms
38ms XHR
application/json 52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6175152bd8c322d14c8fb879a6cfce83b58f1f97bcc4f7cdc4a59f668c25438b

Request headers

Referer: https://bungaprediction.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://bungaprediction.top
cache-control: no-cache
x-server: 10.42.7.190
access-control-allow-credentials: true
content-length: 312
expires: 0

GET
H2

200

usersync.aspx
dis.criteo.com/dis/
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=37490
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=37490&_li_chk=true&previous_uuid=8500ab3a290f471d86070d21f9154044
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

36ms
11ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 239088
expires: Tue, 06 Feb 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Tue, 06 Feb 2024 21:13:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 63A1
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=14604
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=14604&_li_chk=true&previous_uuid=b676004775a646e096f0029b849c5353
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
363 B

30ms
10ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 304137
expires: Tue, 06 Feb 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Tue, 06 Feb 2024 21:13:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 520A 3 KB
3 KB 10ms
9ms Document
text/html 52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a1e0d9b77be29f4f8c5bd2fed60d5b18131838604e154273c379b1e931d020b5

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
content-length: 2958
content-type: text/html
date: Tue, 06 Feb 2024 21:13:04 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.42.26.246

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame 0F3C 311 B
338 B 16693ms
1759ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 0F3C 11 KB
5 KB 22ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78805
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516651b1f8940e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.roomangkasa.top/ Frame 25C0 10 KB
2 KB 19ms
18ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2399
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:04 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame 28B5 112 KB
25 KB 52ms
51ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

f170132b9335201ad04d67c5ec2907b00d2a91dcac5d05bd9fe81de098dcec8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:04 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ Frame 0F3C 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 0F3C 75 KB
76 KB 25ms
25ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 135600
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3843e539a6332b1a9fbe89234f98b8d4
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516651c48fa40eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 6C18 108 KB
13 KB 17ms
12ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 6C18 227 B
273 B 19ms
15ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 6C18 2 KB
353 B 21ms
16ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 6C18 28 KB
8 KB 21ms
17ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 6C18 86 KB
29 KB 21ms
18ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 6C18 13 KB
5 KB 25ms
22ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:04 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 6C18 157 KB
26 KB 23ms
20ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:04 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567697
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 6C18 30 KB
7 KB 32ms
28ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048129
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516651d2de689a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 6C18 21 KB
8 KB 26ms
23ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:04 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084190
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 6C18 62 KB
16 KB 25ms
23ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:04 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368800
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 6C18 258 KB
258 KB 14974ms
295ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 6C18 4 MB
4 MB 15074ms
350ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 6C18 53 KB
53 KB 13916ms
277ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 6C18 652 KB
652 KB 14074ms
324ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:20 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 6C18 397 KB
397 KB 14100ms
300ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:20 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 6C18 443 KB
443 KB 15857ms
1929ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 6C18 560 KB
0 15803ms
1871ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 6C18 541 KB
0 15851ms
1588ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 6C18 580 KB
0 15843ms
1504ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 6C18 564 KB
0 15869ms
823ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 6C18 556 KB
0 15866ms
798ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 6C18 554 KB
0 15909ms
814ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 6C18 556 KB
0 15910ms
812ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 6C18 532 KB
0 15958ms
794ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 6C18 556 KB
0 15672ms
492ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 6C18 546 KB
0 16433ms
1161ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 6C18 561 KB
0 15920ms
554ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 6C18 309 KB
309 KB 15924ms
556ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 6C18 552 KB
0 16115ms
701ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 6C18 173 KB
173 KB 16509ms
882ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 6C18 95 KB
32 KB 24ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 table.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 6C18 2 KB
780 B 27ms
17ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 warna.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 6C18 13 KB
3 KB 28ms
18ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3215
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 6C18 65 KB
65 KB 16551ms
884ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 6C18 3 KB
1 KB 18ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6C18 8 KB
2 KB 28ms
18ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6C18 6 KB
2 KB 29ms
19ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6C18 112 KB
34 KB 29ms
19ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 6C18 4 KB
2 KB 33ms
24ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame E344 5 KB
2 KB 23ms
23ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1434
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: yGFJtB3pk50cV19DNgQ088ODAaPnYVsIBhKLyxNXlXOX4cyg-593Dw==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 874B 11 KB
4 KB 35ms
23ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78805
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516651d489640e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame D426 10 KB
2 KB 25ms
21ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:04 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ Frame AB2A 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D3E5 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 874B 75 KB
76 KB 18ms
18ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225043
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516651d599640eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame D3E5 0
476 B 341ms
338ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 51.34
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iip8Czjrvvo82YrkcUJuSkgxaB5W2%2BHR3aGhoqzmAfHD%2BgX5ZmsQasRXQ5nuONZRAYJ97fM7lm6Ra3XmaxXmY%2BBcvEqX4mPb5%2FAGnHqG%2BMrXEUdLeXFJtLjPqECWaFcH%2BNlC%2B9e0DUKTTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 8516651e3b833e01-SIN
expires: Tue, 06 Feb 2024 20:18:57 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame D3E5 33 KB
11 KB 15ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1600
x-amz-cf-id: V5yHpOrHEhfxH5Vn94giS3XWmc9IGNrgnWGZOoJXiMsWTqkGhb4tfQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame D3E5 0
324 B 340ms
337ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=6snwpnk6n2&_pv=2&_ls=3&_cc=sg&_pl=d&_b=chrome%40121&_cbid=3gmq&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 0.086
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY7KQuhKjqSa1G5DdeFUNrwb2p8WGdiR0e3CuiiS8iZeFePMTDHC4Jh1CR9uyIxeTR10hoyqiAJQPYoFzDiMaJ97GDlga4IPeCJo7HrpIqwqTlj0xnEzRigLmE7kGBSlgjjNo1ArokE48K4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516651e3f705f5e-SIN
expires: Tue, 06 Feb 2024 21:13:04 GMT

POST
H2 200 a
a.dtssrv.com/ Frame CEBC 0
300 B 261ms
260ms Ping
text/html 2606:4700:3036::ac43:a392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A01707253979BCFF8072BEF59FBE4F&k=lotpano&v=6c29fc5aadea751b0b1d3620a6efa9fb927a6f2d07eae536a8b443b67554abb9
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbungaprediction.top%2Fhitung.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcxaf1NlK5N0RkP%2FhHlyNDow1ny6U0DIktAFGcpdC9S7pBNbHsgMbdtDlM8qe5XMkOxbNwRTvA4a4UuJc6NxL%2BetTgGfiUMKq%2F58NXRIfkWxlkmKmH3cnXaBxqlVwra9yaCOSI8GcOv6nUw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8516651e4dca2e7a-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 45F4 2 KB
1 KB 11ms
7ms Document
text/html 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://bungaprediction.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 5347
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Feb 2024 19:43:58 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
x-amz-cf-id: R9uf2K0ui5ds9EHBh-TZtQWWapbc6UaK_E3y5S0V3VNRhyXddWzV8A==
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2

200

pixelct.tpmn
ad.tpmn.io/ Frame 520A
Redirect Chain

https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0
https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0&sm_tc=
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=Ujg1QUYvYWhRMmFocEdXdXZTeHRaZz09&sm_p=dc&sm_r=lotame,lotame,bds,rbc,tl,smt
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=Ujg1QUYvYWhRMmFocEdXdXZTeHRaZz09&sm_p=dc&sm_r=lotame,lotame,bds,rbc,tl,smt&google_tc=
https://cm.smadex.com/sync?sm_p=dc&sm_r=lotame,lotame,bds,rbc,tl,smt
https://sync.crwdcntrl.net/qmap?c=13745&tp=SMDX&tpid=47ce4017-f6a1-4366-a1a4-65aebd2c6d66&d=https%3A%2F%2Fcm.smadex.com%2Fsync%3Fsm_p%3Dlotame%26sm_r%3Dlotame%2Cbds%2Crbc%2Ctl%2Csmt
https://cm.smadex.com/sync?sm_p=lotame&sm_r=lotame,bds,rbc,tl,smt
https://x.bidswitch.net/sync?dsp_id=340&user_id=47ce4017-f6a1-4366-a1a4-65aebd2c6d66&expires=10
https://x.bidswitch.net/ul_cb/sync?dsp_id=340&user_id=47ce4017-f6a1-4366-a1a4-65aebd2c6d66&expires=10
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=efdcc23d-3711-4e7d-9744-d189fecb6de8
https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=efdcc23d-3711-4e7d-9744-d189fecb6de8

170 B
617 B

528ms
84ms

Image
image/png

34.102.166.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=efdcc23d-3711-4e7d-9744-d189fecb6de8
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
vary: accept-encoding
content-type: image/png;charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=0a82396ba36695c8904cb4078bac8b1f&tpmn_buid=efdcc23d-3711-4e7d-9744-d189fecb6de8
date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: accept-encoding

GET lotame
ad.mrtnsvr.com/sync/ Frame 520A 0
0

GET
H2

200

engine
fei.pro-market.net/ Frame 520A
Redirect Chain

https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=5770c95a28a2ab6f3d35c00d854d7c07
https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=5770c95a28a2ab6f3d35c00d854d7c07&sr

43 B
300 B

226ms
225ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=5770c95a28a2ab6f3d35c00d854d7c07&sr
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:05 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp12.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:04 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp8.us1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=5770c95a28a2ab6f3d35c00d854d7c07&sr
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2 200 /
spl.zeotap.com/ Frame 520A 0
0 384ms
361ms Image
text/html 2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=637&env=mWeb&eventType=pageview&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=007f78be-91e5-4d54-8874-1e9e2f52bb83/gdpr=0/ Frame 520A
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0
https://id5-sync.com/c/19/19/9/1.gif?puid=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&gdpr_consent=&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=007f78be-91e5-4d54-8874-1e9e2f52bb83&ttl=%%TTL%%
https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/19/2/7/3.gif?puid=7381708761601567904&gdpr=0&gdpr_consent=
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-0b08sqPDXOOtubZLtumJnGpO-vpu4_58reO6xuMCEA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F6%2F4.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/6/4.gif?puid=4115501602503884086&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://sync.sharethis.com/id5?uid=ID5-0b08sqPDXOOtubZLtumJnGpO-vpu4_58reO6xuMCEA&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F5%2F5%2Fgif%2F0%2F0%2F0%2F0%2F
https://id5-sync.com/a/19/121/5/5/gif/0/0/0/0/ZHGABGXCoOQAAAAILwPMAw==
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F4%2F6.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/19/136/4/6.gif?puid=ZcKg4gAAAeT8dABj&gdpr=0&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=0/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F3%2F7.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=4f114a2e84568555f21444ed0196bb3c&redir=https://id5-sync.com/c/19/321/3/7.gif?puid=$_BK_UUID&gdpr=0&gdpr_consent=&gdpr_consent=&gdpr=0
https://id5-sync.com/c/19/321/3/7.gif?puid=scXveYpj99e1%2BXJk
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0&gdpr_consent=&id5=ID5-0b08sqPDXOOtubZLtumJnGpO-vpu4_58reO6xuMCEA
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=007f78be-91e5-4d54-8874-1e9e2f52bb83/gdpr=0/gdpr_consent=

49 B
265 B

23ms
23ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=007f78be-91e5-4d54-8874-1e9e2f52bb83/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:10 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.28.221
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=007f78be-91e5-4d54-8874-1e9e2f52bb83/gdpr=0/gdpr_consent=
date: Tue, 06 Feb 2024 21:13:10 GMT
server: Kestrel
content-length: 249

GET
H2

200

insync
thrtle.com/ Frame 520A
Redirect Chain

https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=5770c95a28a2ab6f3d35c00d854d7c07
https://thrtle.com/insync?gdpr=0&vxii_pdid=5770c95a28a2ab6f3d35c00d854d7c07&vxii_pid=12&vxii_pid1=10014&vxii_rcid=51252ef8-cc2f-4b31-88c5-d44ba1b881b0

43 B
295 B

245ms
241ms

Image
image/gif

3.214.45.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?gdpr=0&vxii_pdid=5770c95a28a2ab6f3d35c00d854d7c07&vxii_pid=12&vxii_pid1=10014&vxii_rcid=51252ef8-cc2f-4b31-88c5-d44ba1b881b0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 3.214.45.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-45-232.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 21:13:06 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/insync?gdpr=0&vxii_pdid=5770c95a28a2ab6f3d35c00d854d7c07&vxii_pid=12&vxii_pid1=10014&vxii_rcid=51252ef8-cc2f-4b31-88c5-d44ba1b881b0
date: Tue, 06 Feb 2024 21:13:05 GMT
content-type: text/html; charset=utf-8
content-length: 189
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H/1.1

200
OK

41715
i6.liadm.com/s/ Frame 520A
Redirect Chain

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=5770c95a28a2ab6f3d35c00d854d7c07
https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=5770c95a28a2ab6f3d35c00d854d7c07&_li_chk=true&previous_uuid=81a4022d2b4f4aa69cfa7936ff54462c
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=5770c95a28a2ab6f3d35c00d854d7c07

43 B
548 B

937ms
231ms

Image
image/gif

2600:1f18:ed:550a:894d:5a43:421:a533
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=5770c95a28a2ab6f3d35c00d854d7c07

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:894d:5a43:421:a533 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=5770c95a28a2ab6f3d35c00d854d7c07
Date: Tue, 06 Feb 2024 21:13:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame 520A 43 B
432 B 423ms
340ms Image
image/gif 108.156.133.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=5770c95a28a2ab6f3d35c00d854d7c07
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-90.sin2.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:05 GMT
Via: 1.1 69ce12cd28f192f5e142ba57e5fe0b80.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.24.0
X-Amz-Cf-Pop: SIN2-P4
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: 4XdeEhLsZd_JRssx8mZ6mPhdM-zBA54StnLvkqykOMUwXsWr7sA_SA==

GET
H2 200 cm
trc.taboola.com/sg/lotame/1/ Frame 520A 43 B
404 B 90ms
26ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lotame/1/cm
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 06 Feb 2024 21:13:05 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 997
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-qpg1271-QPG
pragma: no-cache
server: nginx
x-timer: S1707253985.425496,VS0,VE2
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 520A
Redirect Chain

https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=ac85a7e1-b596-45ef-a13b-b758abcf1818&gdpr=0

49 B
264 B

28ms
25ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=ac85a7e1-b596-45ef-a13b-b758abcf1818&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.4.160
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=ac85a7e1-b596-45ef-a13b-b758abcf1818&gdpr=0
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:05 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'

GET 7
sync.search.spotxchange.com/audience_sync/ Frame 520A 0
0

GET
H2

200

tpid=b2bc014c-da63-4f13-b0a8-bfe2963f7de9
bcp.crwdcntrl.net/map/c=10737/tp=AMBO/ Frame 520A
Redirect Chain

https://pool.admedo.com/aa/j9fmpan1dspyp6ogch79
https://pool.admedo.com/ul_cb/aa/j9fmpan1dspyp6ogch79
https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=b2bc014c-da63-4f13-b0a8-bfe2963f7de9

49 B
264 B

18ms
16ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=b2bc014c-da63-4f13-b0a8-bfe2963f7de9
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.23.84
content-length: 49
expires: 0

Redirect headers

Location: //bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=b2bc014c-da63-4f13-b0a8-bfe2963f7de9
Date: Tue, 06 Feb 2024 21:13:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 /
loadus.exelator.com/load/ Frame 520A 0
299 B 783ms
242ms Image
text/plain 50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=260&buid=5770c95a28a2ab6f3d35c00d854d7c07&j=0&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 520A 0
543 B 217ms
24ms Image
text/plain 52.187.52.94
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:5770c95a28a2ab6f3d35c00d854d7c07
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.187.52.94 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:04 GMT
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Arr-Disable-Session-Affinity: true
Content-Length: 0
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 520A 35 B
247 B 260ms
259ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=5770c95a28a2ab6f3d35c00d854d7c07&partner=104&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 520A 0
44 B 638ms
206ms Image
text/plain 52.27.127.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=5770c95a28a2ab6f3d35c00d854d7c07
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.27.127.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-27-127-217.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
server: awselb/2.0

GET
H2

204

0.gif
x01.aidata.io/ Frame 520A
Redirect Chain

https://x01.aidata.io/0.gif?pid=LOTAME&id=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0
https://x01.aidata.io/0.gif?pid=LOTAME&id=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&bounce=1

0
433 B

217ms
212ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LOTAME&id=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&bounce=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:06 GMT
last-modified: Tue, 06 Feb 2024 21:13:05 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Tue, 06 Feb 2024 21:13:05 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:06 GMT
last-modified: Tue, 06 Feb 2024 21:13:05 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/0.gif?pid=LOTAME&id=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Tue, 06 Feb 2024 21:13:05 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 520A
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=208870804784003980594&gdpr=0&gdpr_consent=

49 B
263 B

24ms
20ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=208870804784003980594&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.5.15
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:05 GMT
via: 1.1 97c608c51c30f9a86b35039c9df349e4.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: SIN2-P3
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=208870804784003980594&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: erN2KwVoXuU7uFqSQhJ5L2MDSn6Vu_yPUEz3PUorAMsrBuo1gpM6KA==
expires: 0

GET 66.png
geo-um.btrll.com/v1/map_pixel/partner/ Frame 520A 0
0

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 520A 0
674 B 314ms
16ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

gdpr=0&_test=ZcKg4gAAAeT8dABj
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZcKg4gAAAeT8dABj/ Frame 520A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZcKg4gAAAeT8dABj
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZcKg4gAAAeT8dABj/gdpr=0&_test=ZcKg4gAAAeT8dABj

49 B
265 B

28ms
26ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZcKg4gAAAeT8dABj/gdpr=0&_test=ZcKg4gAAAeT8dABj
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.15.235
content-length: 49
expires: 0

Redirect headers

x-served-by: cache-qpg1276-QPG
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1707253986.379966,VS0,VE0
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZcKg4gAAAeT8dABj/gdpr=0&_test=ZcKg4gAAAeT8dABj
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 382416.gif
idsync.rlcdn.com/ Frame 520A 42 B
331 B 244ms
221ms Image
image/gif 35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/382416.gif?partner_uid=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

rand=295070168
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/ Frame 520A
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=295070168
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D295070168
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=295070168

49 B
264 B

20ms
16ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=295070168
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C146%2C142%2C139%2C135%2C125%2C122%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C80%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.3.141
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:06 GMT
an-x-request-uuid: dc39f5e3-036d-4a72-b800-238582e02568
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=295070168
x-proxy-origin: 209.58.162.239; 209.58.162.239; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame AB2A 0
299 B 320ms
319ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 48.2
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6QZPVsEraPu83gpq3vSOQFpIMjDse%2Bb2Pey%2Bjxo1EB%2FC62dZyAS28CRGjlapCb701f7nGelRdxXYSy7frW%2FjKu5t7Rq2YbDlXhWhlfp5zxAAqpp9t0fJr8aj8XdciUxNbf%2BPJxArtRvBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 8516651e6b9d3e01-SIN
expires: Tue, 06 Feb 2024 21:13:41 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame AB2A 33 KB
11 KB 16ms
15ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1601
x-amz-cf-id: n0KmImqFhrHW_KuKX1yfKDh7d-eXl8UWYw-Xv5r47JI6OQgIo-3SFQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame AB2A 51 B
434 B 376ms
375ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=17nl&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7ce0d4c3737b9ef342a61027da102f3745661ec3d27155274ae0c22f14e4c15

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 0.123
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIyZ7odWCY%2BhXh9DmAqjbatg7t9PzPSqGY3guOWzhNZdJN7A9iOM742UPWyL9rjz%2FGXiJv0TghRq1ZQrQ%2BwlOdWEzv8Jw2ilJtQc1Ycty9qU7n1bG2YIvR40syh6B9PBk3KArHyadqbz2yc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516651e7f865f5e-SIN
expires: Tue, 06 Feb 2024 21:13:04 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 0B17 0
436 B 315ms
313ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 23.93
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMaSmf61U8IMkWlLQunbxPNgPWL5IqcNUxQP7sGGFdicPUDcwaNgOw80PbME5hqIzoOdgARAfP7hcxNxJFE%2FFxrDCb0qk2hcmgRfLWUpgdEYo3NXg9%2Bn1ayRRtEU7grbeRwIcvss3Qs%2Bsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 8516651e7ba13e01-SIN
expires: Tue, 06 Feb 2024 21:13:41 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 0B17 33 KB
11 KB 18ms
17ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1601
x-amz-cf-id: Z9_PFKERummrJNXBqsW_vbK6Z7EUbc1uennzZNLY9Jpncfor60bS5Q==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 0B17 51 B
354 B 335ms
334ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=w1.bungaprediction.com&_ss=547xnfqip6&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=49ek&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca55f13da599130ec901a8961c5925a61c1f17d28bf83731e417b4bcb8b3f01

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 0.114
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVQrYi1%2FNlgjWgWYxNG6xfbSoCd19mCTrgiHSsH71nCmlOFnZW0WVTNNF1qSD3wKFxj7BWyBOk%2Bwnqt6Pe3l8lmpHUZ229JXxJ%2Bkk8ftnSLyAM1peLe8dWBez%2FUyqP4uqqS0JbCQ310YYaE%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516651e7f895f5e-SIN
expires: Tue, 06 Feb 2024 21:13:04 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame C463 0
564 B 312ms
310ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 29.81
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEKtWcuXzinOpGbtiUZxOlZQwpMSQI5yUv4n03yk7tNfEknD2W0ne6mDgoSL8YBekbvXqsLO5GyKhBCSirq5ExkGHlkbYjAZhDo1virLJ%2B%2FLY1ERlD86Z4eeyWhXJX%2BXHCSqg0Pyg7A63Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 8516651e7ba33e01-SIN
expires: Tue, 06 Feb 2024 21:16:44 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame C463 33 KB
11 KB 20ms
18ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1601
x-amz-cf-id: jr2iPdwqz4V0jCMcywBYZLi4fbT3Zg1yPMu3zMFQTV7D-EYROLhu8Q==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame C463 51 B
338 B 557ms
555ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=twqq6o3xxo&_pv=2&_ls=1&_cc=sg&_pl=d&_cbid=1r1x&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baab6a08519a141264c31d8f527b0519cfc15674819b3f658786d6ec9524cd0e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 0.164
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5pZCagqujsFtap9B0nRS3CDxH%2BR%2Ba1SZHk6EUH0NNuL5SqTilRAZyaDCcwbLNRuTCJ85DJ%2FLKLAzw1pzfz5AKF2BpIrG3TOvMpOOQDFh3kyRw4VCJZuXL3RMEvxmuacUZfGYC81ToV0aMU%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516651e7f8e5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:04 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 86D0 0
448 B 386ms
384ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 19.94
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KE6bXhGbe%2ByAYlBmsZguu52wBFW3mN%2FZF%2BESCZx7GrDmHXpQlAjdZL%2Bk91tO1N0kdumcm3tgdk0aqapLFokhYblICxA42mrXaiDyS52d7pM3ozhnXqLyd4m67pL3zDOGkRs%2FssbrXEaIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 8516651e7ba63e01-SIN
expires: Tue, 06 Feb 2024 18:52:35 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 86D0 33 KB
11 KB 21ms
19ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1601
x-amz-cf-id: eqUneXRjwKTnro8hM63p-hm8rCasR9hj0-U08iN_piF2TXROZMrVcg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 86D0 0
283 B 374ms
373ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=1k5shfatpr&_pv=2&_ls=2&_cc=sg&_pl=d&_b=chrome%40121&_cbid=1anb&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 0.086
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vr2uFgwgG35TaIcRlgTLlNfemMy3hJO4chn%2FCmi5CXJvC%2Fna%2B4WTc33OvmEpF9W85vfKeEC7vnrc2%2BmSmCyAczINtYjqM2vnZneHjKZIS6Z3eNTdl%2BNWsaPQHs%2FJEglFloqEuox820%2FwD8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516651e8f955f5e-SIN
expires: Tue, 06 Feb 2024 21:13:04 GMT

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame 039F 436 B
571 B 1495ms
253ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:56660646&@b3:1707253985&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 229db54085cf76b43890df9f5f316b175c1151f3fdf6e7fbbaee39fbb986913c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:06 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 25C0 15 KB
3 KB 14ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:05 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame 039F 18 KB
5 KB 13ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:05 GMT

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame 28B5 108 KB
13 KB 21ms
16ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:05 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 28B5 227 B
284 B 24ms
19ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:05 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 28B5 2 KB
376 B 24ms
19ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:05 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame 28B5 28 KB
8 KB 24ms
20ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:05 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 28B5 86 KB
29 KB 32ms
28ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:05 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 28B5 13 KB
5 KB 38ms
33ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:05 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 28B5 157 KB
26 KB 25ms
20ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567697
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 28B5 30 KB
7 KB 38ms
34ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048130
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516651f6ff389a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 28B5 21 KB
8 KB 29ms
24ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084190
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 28B5 62 KB
16 KB 29ms
25ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368800
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 28B5 258 KB
258 KB 14718ms
293ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 28B5 4 MB
4 MB 14765ms
293ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:19 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 28B5 53 KB
53 KB 15764ms
409ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 28B5 652 KB
652 KB 15766ms
363ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 28B5 397 KB
397 KB 15766ms
332ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 28B5 443 KB
443 KB 16609ms
1081ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 28B5 498 KB
0 16618ms
1083ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 28B5 484 KB
0 16811ms
1227ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 28B5 491 KB
0 16457ms
697ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 28B5 501 KB
0 16836ms
1056ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 28B5 465 KB
0 16827ms
914ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 28B5 449 KB
0 16848ms
905ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 28B5 479 KB
0 16938ms
894ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 28B5 479 KB
0 16969ms
902ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:22 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 28B5 467 KB
0 16817ms
638ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:23 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 28B5 470 KB
0 16911ms
629ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:23 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 28B5 469 KB
0 16952ms
631ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:23 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 28B5 309 KB
309 KB 17438ms
916ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:23 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 28B5 441 KB
0 17342ms
542ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:23 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 28B5 173 KB
173 KB 18714ms
1553ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:24 GMT

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame 28B5 1 KB
1 KB 764ms
259ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: ce02f63df1192e76c52df28c9fefe73683c7eebeccb01eed81f247a7aa09caf5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
ETag: -641061621
Content-Length: 1131
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 28B5 65 KB
65 KB 19907ms
2669ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:24 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 28B5 8 KB
2 KB 23ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 28B5 6 KB
2 KB 24ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 28B5 112 KB
34 KB 26ms
17ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 28B5 4 KB
2 KB 35ms
26ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3

200

/ Show response
vip.badutprediction.info/jalur-shio/ Frame 9885
Redirect Chain

https://vip.badutprediction.info/jalur-shio
https://vip.badutprediction.info/jalur-shio/

107 KB
21 KB

331ms
330ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/jalur-shio/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

cb66accd765c5996e132fb8ed13a083159662c1c4d6f6888a5917299332a9556

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/prediksi-taiwan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:05 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/293>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=293>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:05 GMT
location: https://vip.badutprediction.info/jalur-shio/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 5188
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=26260
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=26260&_li_chk=true&previous_uuid=ed96b09d6598408eb0c8a6571e1fd497
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

23ms
17ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 236654
expires: Tue, 06 Feb 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Tue, 06 Feb 2024 21:13:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame CEBC
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=58532
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=58532&_li_chk=true&previous_uuid=9023deca3df4464b9063f11cae6b7a38
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

11ms
7ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 305872
expires: Tue, 06 Feb 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Tue, 06 Feb 2024 21:13:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 9

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame FBEB 11 KB
5 KB 37ms
34ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78806
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665204a6e40e8-SIN
content-length: 4547

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72409&pu=
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72409&pu=&expected_cookie=aa7ae4f4-45d8-4f58-bb5e-cae2f7f207be

0
359 B

369ms
367ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72409&pu=&expected_cookie=aa7ae4f4-45d8-4f58-bb5e-cae2f7f207be
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4E81713DFCB64847A2AE40892A386AB3 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQtiWYLNZxK4M93MeQ==

Redirect headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 657ED7B3594A41DD8135F8F0BFCC15F6 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72409&pu=&expected_cookie=aa7ae4f4-45d8-4f58-bb5e-cae2f7f207be
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQtbd40EQ5TTM3j9cw==

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 63A1
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72972&pu=https://vip.disksusiangka.info/
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72972&pu=https%3A%2F%2Fvip.disksusiangka.info%2F&expected_cookie=2d6a6042-b127-4b9b-9adc-acbb2bee529e

0
145 B

255ms
254ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72972&pu=https%3A%2F%2Fvip.disksusiangka.info%2F&expected_cookie=2d6a6042-b127-4b9b-9adc-acbb2bee529e
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 53CF534AD0924B498FF8EE175034CABA Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQtm09AVm0ICcTY5Tg==

Redirect headers

date: Tue, 06 Feb 2024 21:13:06 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7763A93890614D6194A9472B57DA8046 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=72972&pu=https%3A%2F%2Fvip.disksusiangka.info%2F&expected_cookie=2d6a6042-b127-4b9b-9adc-acbb2bee529e
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQtiW8r7dUQLFMBGMg==

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E344 6 KB
3 KB 337ms
336ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-169175642&@b3:1707253980&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd375cae26623e4e143ec6cf6be7cd91721fd1c11bce7ebdf44e7f6698b6d64

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
x-t: 0.229
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d32dBsQjgeYIiEpYivNNIgTeTeqH%2B8cSL0Hgu8idKjmy7QbdeDNf0blQOssp77iSqjJkH7uh0cORKGgyAXWEpDxN3pFaGEKeZ2xc%2FBvBSJgcT8sSQ6LGDELVOvLsVmGaCnTquHr5CMIjSlY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516652069245f5e-SIN
expires: Tue, 06 Feb 2024 21:13:04 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame D426 15 KB
3 KB 28ms
28ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:02 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 6B81 535 B
939 B 684ms
660ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
via: 1.1 fc899105a2c69d10c3425bf348b53f1c.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
x-amzn-requestid: 627b6def-af8a-442f-b4fb-381e3b81358a
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Su4TWG2_iYcEsJA=
content-length: 535
x-amz-cf-id: 64WMRnx1Xmgd_AvcCyibW92btl-JZklfoKUw_9fGly_KO--DlRs7og==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame B318 5 KB
2 KB 25ms
18ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1435
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: TLRbhm-sTDnDFl6Tp3QhuoBYb5XggPLw59T5HRdokLuw7Jlks78ssg==

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 874B 18 KB
5 KB 13ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:05 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame 0F3C 18 KB
5 KB 24ms
23ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:05 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 6B81 4 KB
1 KB 970ms
969ms XHR
application/json 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: gzip
via: 1.1 6bba44d47d881e087bd912149e58e0ca.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: oXV08_LyK5nIvS_P2AVkZqpveLnfi-tS2a1BXUXRqGx8bE1NHX5Nog==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame E86F 11 KB
4 KB 29ms
28ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78806
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665232cee40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 799A 10 KB
2 KB 27ms
26ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E344 33 KB
11 KB 26ms
25ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1601
x-amz-cf-id: -t0lTV8mcegrASlxaly3vBo-4LSL870zLrXq_yULp9t-Kpuo93aMDQ==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 2FCB 0
458 B 363ms
362ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
x-t: 45.03
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNFYJOegnREqHihMuSeJDuwEjdVM92bvU9NlNYoAmgmBtEmkFKwaW1SrW4tUPqc34yBmvCy7mzu%2FRCiMI9vM4dWiZPUDHl5oqYLDETLsy52mAp1WOcHtg9%2BrzKs%2BKOvqbibSwtip9xsaBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 851665235ebd3e01-SIN
expires: Tue, 06 Feb 2024 21:06:20 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 2FCB 33 KB
11 KB 28ms
27ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1601
x-amz-cf-id: jWne9kLfpI2qt_nLtfQjCPknXGL2TOOrJwIHUgm5kEZP39J2G2wczg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 2FCB 51 B
392 B 371ms
370ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=7fbv&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a49a3241e724334d82624950df463e81ed829057eace112fdd27592a6ae018d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
x-t: 0.113
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tf%2Fp%2BdO%2BTuojialH3MRcjNwqgBEsNFgj4qazWfwxhw4lC1w05poLeBgnKXd5vyX9b1e%2F%2FzDxK0OCD%2BrMskkdfNxd9Itrt8euyxq%2FLaAj2i2SBdKY1DKMdNJ4gXnCsKnc8xkG3ZTyYoA6jhA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665235af95f5e-SIN
expires: Tue, 06 Feb 2024 21:13:05 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 538B 0
297 B 407ms
399ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
x-t: 49.63
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx%2B60k%2FNIYqqfHbr4dtlALFGjxn6jt0gQFaqraPar291xhswBLyQlB2IMRTrW6IcjldBR89esWrWvQKROSvG4N3dQ5yu6j5aWn6f4bhoM2ZlGPUJRwAXD81cSQJCpKmjdgFc%2Fbgjhbyzxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 851665236ece3e01-SIN
expires: Tue, 06 Feb 2024 21:13:41 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 538B 33 KB
11 KB 31ms
25ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1601
x-amz-cf-id: wJ8PPhdGpaGwWq0iXV-a8YzNmW8NDV_zKElp27CuaS1c0vVZjOOuhw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 538B 0
283 B 369ms
364ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonafantasi.info&_ss=woyan4849m&_pv=2&_ls=3&_cc=sg&_pl=d&_b=chrome%40121&_cbid=5ifo&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
x-t: 0.083
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqQnQT8MbLl4cYvbkS5NUFR3crk4dJ5cgqBvx6wrlSOf4BTzV4MxFJMrCNdbhnl2pxmLLVyFjZDZE05fXV6WZQ2njnMzhj1VYTHKpcsIw%2FewNUaQSsIQubMEhLOu2CEfFcavvR2wLwdzsxc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665236b035f5e-SIN
expires: Tue, 06 Feb 2024 21:13:05 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame E86F 75 KB
76 KB 27ms
26ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225044
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665237e0d40eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 749B 16 KB
6 KB 21ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13067
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665245d6e40e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 749B 6 KB
3 KB 362ms
361ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20JAPAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:149607400&@b3:1707253982&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e309a06cfecd7e8cd1a60f803f6d92b4c9e16c55021bea05b073ac0924fca9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
x-t: 0.219
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BkZ44lkVAKehQ%2B9kcoNFfYtsO45%2BTak7gAAjNMpqvdtJPYOJk495gVLG86aB1IsHgiEK5Py8DAMNvfuVDf1R0mWX79m2or8o5IEao6TdUg1UEvsxXCZe1NiaB%2ByheO1mJ2MJHmOCXoSn%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665245b815f5e-SIN
expires: Tue, 06 Feb 2024 21:13:05 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/buku-mimpi-4d/ Frame EF1B
Redirect Chain

https://vip.poltar2d.info/buku-mimpi-4d
https://vip.poltar2d.info/buku-mimpi-4d/

172 KB
39 KB

57ms
55ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/buku-mimpi-4d/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

83f40cecaac1f1f73f92aa4e24e4492619783951bfd5039e0613bd15f1a68d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/prediksi-sydney/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:06 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/220>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=220>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:06 GMT
location: https://vip.poltar2d.info/buku-mimpi-4d/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame DD1E 5 KB
2 KB 11ms
11ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1436
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: pMLjUrHa-5Ezl5eXRQT6WTgABD7wYg3mQm4vj4yTb8HaGNH8pwzt8A==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 43CC 5 KB
2 KB 11ms
10ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1436
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: mF2pB0jkDmQdb257no2RDWqmDNZIYELYLwNnqR3KiQbwgWhuomNjGQ==

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame DE84 22 KB
12 KB 24ms
23ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72161
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665249d8f40e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame DE84 6 KB
3 KB 368ms
367ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20SYDNEY%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:130417574&@b3:1707253983&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdc9b8b9b72db5c97cf6a83a97fe088f75be547a904d1f1a30b478b27bc54e11

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
x-t: 0.204
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBnIQPGVuhiYBFbUlDKj2XU7n9GW6ZDAsE0byKfBzp47iVkvpe7g5n4AjYMsC12oOr%2BeS4RESVvVB7tfZ84%2FvHkPc2MALdwk5I%2BzxjHJkwZNUdVRPthBVa22%2BlmXptJHiwoLlAW%2F6hW%2F8z4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665249ba65f5e-SIN
expires: Tue, 06 Feb 2024 21:13:05 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 5188 0
146 B 343ms
333ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=78699&pu=https://vip.zona88.top/
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 38D845C0AE7D4BCF9EC4C5C6AAF841D7 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQtjaeNq+B8G7lypHA==

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 874B 438 B
573 B 1214ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20SYDNEY%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-9479445&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 28cf2a34f3fc95ce2c4826b99dd7ffdab889d1a7cccca77f70772f2b0fdc671e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame D157 16 KB
6 KB 28ms
25ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13068
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166524bdb340e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame D157 6 KB
3 KB 372ms
369ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20TAIWAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:192653241&@b3:1707253983&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b80a690b470acfdeed3e8f62297dec976dcd9edc2e92f0d4da0b20ef43aad6b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
x-t: 0.221
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6u%2FCY7t80OS3Q6DxkKmFpu5O%2B5O2cOwdXWiQemjo8wTBCJME2DW%2F%2FNxWn2VQ%2FwcFVw0BgojYBlwpIIEwv9bvK0otY%2FbTyU2iptgt3BegXF1YwwLaJxiqXT2%2F2woQZ5GlX%2BrI%2FysDO%2FNJu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166524cbb65f5e-SIN
expires: Tue, 06 Feb 2024 21:13:05 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame CEBC 0
145 B 335ms
333ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=1777&pu=https://vip.zona88.top/
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 313A753FFE15425D8A383C25BD6AE791 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQtjaZKOOFP3toKL9g==

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 8C8A 18 KB
8 KB 29ms
27ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44470
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166524bdb640e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 8C8A 6 KB
3 KB 337ms
336ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:109723625&@b3:1707253983&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0f7617eba5fee3dd731a13aa013d8860b9b7093599fff26ee0ac213ebe80cdc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
x-t: 0.236
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENcEcvTzBcHAgeofrRQDVEn8j6sv1kuAbbQOrM%2FsWn9I5FAs0botZoB9jTrrifKhguSQz0Yu6kVPfYKn7N2CEfhjmJVuAXv8bDvUfvjzvjEG6zZQKESLhu11o9TeLQQInw4th2P%2BgJ1v1DI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166524cbb75f5e-SIN
expires: Tue, 06 Feb 2024 21:13:05 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame E344 41 B
333 B 212ms
212ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonafantasi.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame 0F3C 435 B
570 B 1262ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20TAIWAN%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-167662446&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 92058466e95b4fb7d604972ddb055d7f9513afaabdb936886991de7b494e3d9f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame 9885 108 KB
13 KB 17ms
13ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 9885 227 B
271 B 54ms
50ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 9885 2 KB
374 B 55ms
51ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame 9885 28 KB
8 KB 56ms
52ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 9885 86 KB
29 KB 127ms
123ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 9885 13 KB
5 KB 111ms
108ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 9885 157 KB
26 KB 18ms
14ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567698
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 9885 30 KB
7 KB 27ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048131
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166524eb7189a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 9885 21 KB
8 KB 19ms
16ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084191
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 9885 62 KB
16 KB 21ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368801
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame 9885 2 MB
0 27ms
24ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame 9885 311 B
338 B 16084ms
424ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:21 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame 9885 43 B
182 B 286ms
285ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame 9885 3 KB
1 KB 629ms
627ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 9885 8 KB
2 KB 66ms
64ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 9885 6 KB
2 KB 67ms
65ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 9885 112 KB
34 KB 68ms
66ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 9885 4 KB
2 KB 223ms
222ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
DATA 200
OK truncated
/ Frame 6C18 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 25C0 11 KB
5 KB 25ms
24ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78807
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665253e0840e8-SIN
content-length: 4547

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 799A 15 KB
3 KB 15ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/buku-mimpi-4d/ Frame 0E2A
Redirect Chain

https://vip.poltar2d.info/buku-mimpi-4d
https://vip.poltar2d.info/buku-mimpi-4d/

172 KB
39 KB

77ms
76ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/buku-mimpi-4d/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

1307d7d34cfe2b79f354be46d018f0299dee1f562bd714b2dea08a2459d5b2b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/prediksi-hongkong/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:06 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/220>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=220>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:06 GMT
location: https://vip.poltar2d.info/buku-mimpi-4d/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=58935
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
493 B

645ms
227ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:06 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 63A1
Redirect Chain

https://um.simpli.fi/lj_match?r=12313
https://ce.lijit.com/merge?pid=2&3pid=3D87D4FF2F1440DCAEE1368598DDAEC6

43 B
495 B

643ms
224ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=3D87D4FF2F1440DCAEE1368598DDAEC6
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=3D87D4FF2F1440DCAEE1368598DDAEC6
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:06 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame D3E5 5 KB
2 KB 12ms
11ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1436
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: MuLH0lLpY8cGNTnzO3z9y2jxGCGsUrklp6TVOKEbSzWJWPUiK3y0MQ==

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1447ms
283ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-173583896&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1475ms
274ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-47387519&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1535ms
274ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:20548152&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1652ms
270ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:45897075&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1697ms
250ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-76226263&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:07 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 2213ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:101707244&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:08 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 831ms
248ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:96187172&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:08 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 938ms
251ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:101435553&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:08 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 904ms
244ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-149068679&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:08 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1325ms
265ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-127471670&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:09 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1302ms
259ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:159286256&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:09 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1001ms
251ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:18755353&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:09 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1451ms
251ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-60039062&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:10 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1318ms
246ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:195053893&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:10 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 1339ms
259ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-157491077&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:10 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame FBEB 439 B
574 B 867ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-94538563&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:10 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame E86F 18 KB
5 KB 10ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame D426 11 KB
4 KB 19ms
17ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78807
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665273f7a40e8-SIN
content-length: 4547

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame AB2A 535 B
941 B 649ms
649ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
via: 1.1 b62dcf579674d1758cbe507a9f0f1cee.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
x-amzn-requestid: 90030beb-2b5a-4881-ba7a-0e1ed4c91c90
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Su4TgFOYCYcESFg=
content-length: 535
x-amz-cf-id: q9KJXsXmQroS3ObFFqtyISPXibw4DdQcyA-P4wt1L0RDlrzQ_YXwJA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 0B17 535 B
940 B 243ms
243ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
via: 1.1 9683b5745ef5870755379e861e3a7520.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
x-amzn-requestid: 32712952-b5ea-47f7-bc05-e83ce9685361
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Su4TcHSUCYcEHNg=
content-length: 535
x-amz-cf-id: tP3W-odA6AJozYtj-aaa_HiEgtUCqaWAGgE23uHWYmvEQvLQRoA5uw==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame C463 535 B
939 B 12ms
11ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:05 GMT
via: 1.1 fc899105a2c69d10c3425bf348b53f1c.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
x-amzn-requestid: 627b6def-af8a-442f-b4fb-381e3b81358a
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Su4TWG2_iYcEsJA=
content-length: 535
x-amz-cf-id: Q7ZsfF5vQV2ijsVUm4VPq28LGGH2lI_77-YBfObTQd-mo7C_q0fpIA==

GET
DATA 200
OK truncated
/ Frame 28B5 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 86D0 5 KB
2 KB 10ms
10ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1436
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: U7zOTGPd4RBIPEDU7jVw-0_o9G5rrGx3rpTFfgiVUbwLwflYL13FHw==

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame B318 41 B
335 B 207ms
205ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame EF1B 108 KB
13 KB 17ms
13ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame EF1B 227 B
273 B 28ms
24ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame EF1B 2 KB
353 B 29ms
25ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame EF1B 28 KB
8 KB 30ms
26ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame EF1B 86 KB
29 KB 32ms
29ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame EF1B 13 KB
5 KB 37ms
33ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame EF1B 157 KB
26 KB 30ms
26ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567698
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame EF1B 30 KB
7 KB 52ms
49ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048131
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166527fd4989a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame EF1B 21 KB
8 KB 35ms
32ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084192
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame EF1B 62 KB
16 KB 44ms
41ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368801
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame EF1B 258 KB
258 KB 17737ms
287ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:24 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame EF1B 4 MB
4 MB 17780ms
313ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:24 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame EF1B 53 KB
53 KB 17786ms
282ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:26 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame EF1B 652 KB
652 KB 18105ms
311ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:26 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame EF1B 397 KB
397 KB 18288ms
292ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:26 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame EF1B 276 KB
0 19035ms
840ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:27 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame EF1B 299 KB
0 19052ms
847ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:27 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame EF1B 308 KB
0 19125ms
772ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:27 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame EF1B 301 KB
0 19204ms
772ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:27 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame EF1B 240 KB
0 19791ms
831ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:27 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame EF1B 241 KB
0 19807ms
841ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:27 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame EF1B 262 KB
0 19869ms
850ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:27 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame EF1B 268 KB
0 19797ms
565ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:27 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame EF1B 206 KB
0 20365ms
1032ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame EF1B 212 KB
0 20428ms
1048ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame EF1B 216 KB
0 20426ms
1045ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame EF1B 217 KB
0 20345ms
664ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame EF1B 195 KB
0 20391ms
681ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame EF1B 202 KB
0 20405ms
687ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame EF1B 173 KB
173 KB 20433ms
684ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame EF1B 65 KB
65 KB 20767ms
915ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame EF1B 3 KB
1 KB 136ms
117ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame EF1B 8 KB
2 KB 31ms
15ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame EF1B 6 KB
2 KB 31ms
15ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame EF1B 112 KB
34 KB 34ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame EF1B 4 KB
2 KB 55ms
31ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 0E2A 108 KB
13 KB 41ms
26ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 0E2A 227 B
273 B 51ms
37ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 0E2A 2 KB
353 B 51ms
37ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 0E2A 28 KB
8 KB 51ms
38ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:06 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 0E2A 86 KB
30 KB 52ms
39ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30412
expires: Tue, 13 Feb 2024 20:52:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 0E2A 13 KB
5 KB 75ms
61ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4870
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 0E2A 157 KB
26 KB 39ms
26ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567698
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 0E2A 30 KB
7 KB 52ms
39ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048131
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665283d6389a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 0E2A 21 KB
8 KB 41ms
28ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084192
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 0E2A 62 KB
16 KB 43ms
30ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368801
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 0E2A 258 KB
258 KB 18070ms
326ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:24 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 0E2A 4 MB
4 MB 18596ms
317ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:25 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 0E2A 53 KB
53 KB 20144ms
277ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 0E2A 652 KB
652 KB 20173ms
289ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 0E2A 397 KB
397 KB 20183ms
292ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:28 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 0E2A 173 KB
0 21464ms
1316ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:29 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 0E2A 160 KB
0 21470ms
1318ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:29 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 0E2A 197 KB
0 21458ms
1173ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:29 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 0E2A 160 KB
0 21212ms
903ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:29 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 0E2A 160 KB
0 21279ms
884ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:29 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 0E2A 174 KB
0 21411ms
909ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:29 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 0E2A 154 KB
0 21524ms
574ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:29 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 0E2A 147 KB
0 21614ms
591ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:29 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 0E2A 111 KB
0 22205ms
845ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:30 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 0E2A 105 KB
0 22201ms
803ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:30 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 0E2A 68 KB
0 22704ms
757ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:30 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 0E2A 59 KB
0 22701ms
754ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:30 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 0E2A 19 KB
0 22996ms
833ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:30 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 0E2A 20 KB
0 24253ms
1857ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:31 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:31 GMT

GET NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 0E2A 0
0

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 0E2A 16 KB
0 23676ms
1071ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:31 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:31 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 0E2A 3 KB
1 KB 120ms
113ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0E2A 8 KB
2 KB 44ms
32ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0E2A 6 KB
3 KB 47ms
35ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2490
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0E2A 112 KB
34 KB 52ms
40ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 0E2A 4 KB
2 KB 125ms
114ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 28B5 11 KB
4 KB 61ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78807
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166528581e40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.zonafantasi.info/ Frame 4AEB 12 KB
2 KB 50ms
28ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:06 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E344 0
547 B 1093ms
1050ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-t: 0.99
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AI8qMyw1wzO3fHoK%2FGYwWMjdF2JOhmPthDTj7dFS7ozKPxGP54nB%2BNnkACR6hFtLh481ASWlYEXRtgbmqEJURGSsmo%2FbWPxHQ59nCmLOatqQT85Pwo3EDrJfc7EYQiK4LJttRELjSVQkIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 851665285a7b3e01-SIN
expires: Tue, 06 Feb 2024 21:16:29 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E344 33 KB
11 KB 52ms
9ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1602
x-amz-cf-id: QClLXFzvivRArBM51SOMvvS42SMvHM08P7NGSsG5DE2pyjGr4zagLg==

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 28B5 75 KB
76 KB 35ms
25ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 465125
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0c4f1d4ee3f7913748b6627f04107416
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665287aa840eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 874B 231 B
530 B 10ms
10ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2728.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 874B 1 KB
776 B 10ms
10ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2728.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f449.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 874B 563 B
648 B 12ms
10ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f449.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2611.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 874B 482 B
781 B 12ms
11ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2611.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2c43a255e95fbdf338309f6c22ac82b0d7fa1a37ee9c97caf5e40d3fed96f8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 482
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0F3C 231 B
530 B 10ms
10ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0F3C 230 B
529 B 11ms
10ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame E86F 438 B
573 B 1736ms
256ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20HONGKONG%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-181463131&@b3:1707253987&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 28cf2a34f3fc95ce2c4826b99dd7ffdab889d1a7cccca77f70772f2b0fdc671e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:08 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2

200

merge
ce.lijit.com/ Frame 5188
Redirect Chain

https://um.simpli.fi/lj_match?r=7246
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
493 B

330ms
226ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:07 GMT

GET
H2

200

merge
ce.lijit.com/ Frame CEBC
Redirect Chain

https://um.simpli.fi/lj_match?r=67226
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
493 B

329ms
225ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:07 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 538B 0
468 B 272ms
271ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-t: 0.99
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pb2YYx1v0rZIZyeF%2BSE%2B80NYABIKPUeZdRcAoCThOko6Lhbb5ktzHlwqaLW0SxB1Or8vSz%2FfDAf2cjHMFQswquW%2F9cxx1bdUmo8Bp8omTtmiBRXR2aioNcUH4pMbSk3ETUyB8Mmlo5Awg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 8516652acbdf3e01-SIN
expires: Tue, 06 Feb 2024 20:47:23 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 538B 33 KB
11 KB 10ms
10ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1603
x-amz-cf-id: U6fpKWoQ3IIq4tik4rBuJIscxLRW1XDiGRKcc4ei2bDZgUzY4P_MLQ==

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame DD1E 41 B
329 B 206ms
206ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zona88.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 43CC 41 B
336 B 206ms
206ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H3

200

/ Show response
vip.poltar2d.info/generator-angka/ Frame 6BD6
Redirect Chain

https://vip.poltar2d.info/generator-angka
https://vip.poltar2d.info/generator-angka/

108 KB
26 KB

54ms
53ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/generator-angka/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

444b3e871270007bce4b3e0ed2f9aa767ae0eb7be5aa6b60f2391ca0d543f2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:07 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/157>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=157>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:07 GMT
location: https://vip.poltar2d.info/generator-angka/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 4AEB 15 KB
3 KB 13ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
DATA 200
OK truncated
/ Frame 749B 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DE84 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame C358 2 KB
2 KB 66ms
66ms Document
text/html 52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=113%2C158%2C156%2C86%2C132%2C121%2C140%2C2&b=1164465%2C1163901%2C1162267%2C1163897&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 683294a1c4a07185d893da8b83b7558b527a3b37d651a9709c5306d5c88ccd3f

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
content-length: 1637
content-type: text/html
date: Tue, 06 Feb 2024 21:13:07 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.42.28.135

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6B81 5 KB
2 KB 65ms
65ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1437
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 1tUIuMZjkakJkOp0bBmLLZHmFX-ig9nKomPJbYXdH0TC1SSNNKjTRg==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 2FCB 535 B
949 B 64ms
63ms Fetch
application/json 18.155.68.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-81.sin52.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 12:47:15 GMT
via: 1.1 9683b5745ef5870755379e861e3a7520.cloudfront.net (CloudFront), 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P3, SIN52-P1
age: 30352
x-amzn-requestid: 81f4c054-f718-4afb-8a70-0df7cacbd543
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StuNGE27iYcEtcw=
content-length: 535
x-amz-cf-id: Gk3oF38_OCqvjnIgmn-MSq2BfNrXiXxznrAfCHdR6rFt8quiKO06ew==

GET
H2

200

usersync.aspx
dis.criteo.com/dis/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=38925
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

27ms
26ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:07 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 395939
expires: Tue, 06 Feb 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Tue, 06 Feb 2024 21:13:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 7DB2 85 B
483 B 63ms
62ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606831
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: DQ6B1o6X-92YOumYGz5ygl6wNcxEzq85k36YAA9Xw6VyAimKN1JZZg==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 63A1
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=40823
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

28ms
27ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:07 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 513310
expires: Tue, 06 Feb 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Tue, 06 Feb 2024 21:13:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 3AE5 85 B
483 B 63ms
63ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606831
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: ihFuBeDSoNQhwDDQXwPpyD8OWU0_KZ6dui3p0pPEQryF98fjMAQSBw==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 538B 5 KB
2 KB 63ms
63ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1437
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: NT19W20qeejaqd_V3rqd7z7jrO1zp7Xx4RFI45UPOCnq88AduLhQzg==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 799A 11 KB
5 KB 141ms
141ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78808
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516652edce840e8-SIN
content-length: 4547

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame 25C0 435 B
570 B 1023ms
251ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-104907810&@b3:1707253988&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: d17e88dc68df9445e56e8fc6f50ff4ee7b3c53c2a7f9af78ff7e797345b7f61b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:08 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 749B 0
462 B 378ms
377ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 5.83
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAlf6pvnp%2BnJT8oAYpJsp4diwEr4EYVaoVYFE2RSQc7V%2B4O3vv4zIKgG7%2B8VbdkSkoqcjUZVDUNsltlLesl5lrf5CSa0udk0RGQtQ%2Fx%2FgyIOl%2B4NYPVOIheodCReemdEWJ3AVXoLz3ByxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 8516652f0e243e01-SIN
expires: Tue, 06 Feb 2024 21:13:43 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 749B 33 KB
11 KB 131ms
131ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1603
x-amz-cf-id: mg_CK2k1sUJ9jfKsrxal3k8tkVw0RlVIA0LCSn8-RQ9iCi8JHaHA_g==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 749B 0
336 B 593ms
593ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=2&_ls=3&_cc=sg&_pl=d&_b=chrome%40121&_cbid=1enh&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 0.106
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HE7kkcguCqdNs3AhTfgKvzopqqxyUjglcD3ieq%2Bf1uJJ%2B0ln%2Fn7CPPgkWUPVu6usZO%2FR8lC6v4W%2Fdz4JhcRkYTXHFhYh%2BA6PL9xJpg3FpqPhfHdIYly2wpx8xodwHFHsVHElbSSM%2BYntQg%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665308cd75f5e-SIN
expires: Tue, 06 Feb 2024 21:13:07 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame DE84 0
433 B 315ms
314ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F&r=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
x-t: 1.32
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fo0PEPBwmLyZLpalkOKvy%2FRxYH7OAgLGsLN9SIr6U1OysYEyeyZcI4tS8B0jn6VHel9Wxkg6RB183vKGVVD4nN8%2Bw8cIdtZuglqpmPJ9Z079zQkbDhrntWDqs0E3H91MrQGnAB5BGzmCzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 8516652f1e273e01-SIN
expires: Tue, 06 Feb 2024 20:19:00 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame DE84 33 KB
11 KB 125ms
124ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1603
x-amz-cf-id: Q5KjaI8bBJrribaCOzOJ0ncudJyZ1RJwVwl-DSPdvruaC6lzi4Wk4Q==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame DE84 0
289 B 593ms
593ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=6snwpnk6n2&_pv=3&_ls=5&_cc=sg&_pl=d&_b=chrome%40121&_cbid=bxb8&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 0.111
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8RjDUT1O%2BLA6yLm5ylaelHgO7C%2BneeiAqZPFNz8L7BDZb%2B%2Bm1FdwGPy7zLwYBV6dC6iS%2FPwygVYSGbGMS30XSjEkelC8uvfvUUAgi5AvBW50htt5svrkxFaLsmYueDiWrc7KSnuiMg6%2BkY%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665308cd85f5e-SIN
expires: Tue, 06 Feb 2024 21:13:07 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6C18 11 KB
4 KB 131ms
126ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78808
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516652f2d3440e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 8B6D 10 KB
2 KB 64ms
63ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:07 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 6BD6 108 KB
13 KB 69ms
63ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 6BD6 227 B
273 B 159ms
154ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 6BD6 2 KB
353 B 173ms
169ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 6BD6 28 KB
8 KB 157ms
153ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 6BD6 86 KB
29 KB 159ms
155ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 6BD6 13 KB
5 KB 178ms
174ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 6BD6 157 KB
26 KB 112ms
108ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567700
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 6BD6 30 KB
7 KB 120ms
116ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048132
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516652faaff89a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 6BD6 21 KB
8 KB 127ms
123ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084193
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 6BD6 62 KB
16 KB 147ms
143ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368803
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 6BD6 258 KB
258 KB 17643ms
287ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:25 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 6BD6 4 MB
4 MB 18012ms
311ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:25 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 6BD6 53 KB
53 KB 22572ms
307ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:32 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 6BD6 652 KB
652 KB 22886ms
298ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:32 GMT

GET UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 6BD6 0
0

GET SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 6BD6 0
0

GET PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 6BD6 0
0

GET WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 6BD6 0
0

GET velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 6BD6 0
0

GET BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 6BD6 0
0

GET SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 6BD6 0
0

GET fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 6BD6 0
0

GET FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 6BD6 0
0

GET IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 6BD6 0
0

GET LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 6BD6 0
0

GET hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 6BD6 0
0

GET marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 6BD6 0
0

GET mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 6BD6 0
0

GET DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 6BD6 0
0

GET 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 6BD6 0
0

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 6BD6 3 KB
1 KB 81ms
77ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6BD6 8 KB
2 KB 18ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6BD6 6 KB
2 KB 19ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6BD6 112 KB
34 KB 20ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 6BD6 4 KB
2 KB 85ms
76ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 6C18 75 KB
76 KB 53ms
53ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225046
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516652fcf9940eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame 9885 135 KB
135 KB 493ms
493ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:07 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 21:13:07 GMT

GET
DATA 200
OK truncated
/ Frame 9885 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 8C8A 0
429 B 295ms
292ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 1.1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIhpOC8nAQN7FQYzILvz6EUxeMr85sH3lhnE%2FbWOYMIW4mtvkNZPtqd2NTn0mU9il5Cqg%2FMkqUvgafQbCcxem%2FmN6nIRIQxqHcmO4vGQpLdXuL8NhI6fByf9kcS7LM6I0a%2F2ZWcCznnaYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 851665305f763e01-SIN
expires: Tue, 06 Feb 2024 20:47:24 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 8C8A 33 KB
11 KB 31ms
28ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1603
x-amz-cf-id: N6gMXc9Uon73_sLPOVaaUvC3kN_--8B31lFyuKdyKJ02SDXzYnq41g==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 8C8A 0
287 B 363ms
361ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=2&_ls=2&_cc=sg&_pl=d&_b=chrome%40121&_cbid=1iyn&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 0.087
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWz9WNH2%2FVBGnIHA8N6eD9N4qr%2FGSEbHtNXKL%2FQpaesFa0xpum6STWNZCxzJJnXXt3HOMi04XMIvZDHFhWLSzFw6FpLhedbDnoc7sb0%2FNrinxrNYlJ1EGVNbQbJZHuTQ1nEZbGm6MumGijY%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665308cd95f5e-SIN
expires: Tue, 06 Feb 2024 21:13:07 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame D157 0
444 B 362ms
360ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 1.28
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkoG7fXFIzzewNs36tTvlyyC38pzXoA5MdZJohC9VzQxCEDw23Ly4njUAyRWOQB4VKksTLYd%2Fn97H01lKA5lFq0tsI41vPfE2g4lNuPUzE6nnSOLJNYfKFiiX1HM51%2BC0SNAhtwARyxAyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85166530bfec3e01-SIN
expires: Tue, 06 Feb 2024 18:52:38 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame D157 33 KB
11 KB 23ms
21ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1603
x-amz-cf-id: H-Pn7S9pjHusIWPIO5AZznO0a4kuWwQyNLGiTA9l41RIED4EK-Ydag==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame D157 0
287 B 372ms
371ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=3&_ls=3&_cc=sg&_pl=d&_b=chrome%40121&_cbid=3v4t&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 0.15
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n61XAsGKL%2FT%2BRqvlwLB60Pfk5uN3egSYrZHMauW4Pyr0lelKDQBpKVV7HLI1hWVy0BWofthIhtpREs85AJBkGZ5l1MAUVFMsks8cDSRikzsw6gyn6rr9U7XTegpVfmeYQn6pnOigymSW14A%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85166530cd155f5e-SIN
expires: Tue, 06 Feb 2024 21:13:07 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame D3E5 41 B
336 B 226ms
226ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame C463 5 KB
2 KB 18ms
17ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1437
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: _fiXVpOJS1BqNfcW7w2fHs1KS3zIJZV9QrriCw3pRyfjrX2iO0Gzzw==

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 5188 43 B
573 B 253ms
252ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=79530

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:08 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame CE9C 85 B
482 B 18ms
17ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606831
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: U_Huey83Yr2fCgFr2Tf7mLxPU-DdEOMCOJt76uNRJRAVuekFGxTf8Q==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame CEBC 43 B
573 B 247ms
246ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=83920

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bungaprediction.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:08 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 677D 85 B
481 B 14ms
14ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://bungaprediction.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606831
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: kPGTogbC6u9IrnoeOOIoJ-52GHKMRtcn819QKWUivmGxgqvk_tEung==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ Frame D157 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 6B81 245 B
1 KB 38ms
37ms XHR
application/json 52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a91356cedd62ba745fd9c4ee8d59db8a51b65f1005250f147e53b83e8ac1acf8

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vip.roomangkasa.top
cache-control: no-cache
x-server: 10.42.14.155
access-control-allow-credentials: true
content-length: 245
expires: 0

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame C51B 22 KB
12 KB 23ms
22ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72163
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665312e5740e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame C51B 6 KB
3 KB 339ms
338ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-138833902&@b3:1707253984&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82471bbceadaf52781fd5409b5a82f71d31ff5cd19171cf46df469af10ac413b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 0.271
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exLcUB9WJqlgbIZodNZljuMqJaJBvBBE7rG1fcxZ2e4mdwNwqswRsGjsaMqXBEic%2FxJ4R%2FNTd8GBPD4PjqChqh7n4O1%2B3CuufeUpeiFG0KMhxzmHj6bDG0TOsyLD5a2bxalkComMHaScljo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665313d605f5e-SIN
expires: Tue, 06 Feb 2024 21:13:07 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E86F 230 B
529 B 14ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E86F 231 B
530 B 14ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2611.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E86F 482 B
781 B 12ms
12ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2611.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2c43a255e95fbdf338309f6c22ac82b0d7fa1a37ee9c97caf5e40d3fed96f8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 482
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2728.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E86F 1 KB
776 B 12ms
8ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2728.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f449.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E86F 563 B
648 B 15ms
11ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f449.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f447.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E86F 558 B
643 B 12ms
9ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f447.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

ea5cb5c192a3478fe2766d2401fa6bd46a6fe23b9bfc2034d0a54c9fd3088a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f1f8-1f1ec.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E86F 881 B
649 B 14ms
11ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f1f8-1f1ec.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

b122668cf7bc7f858a7fcb3089d34e181550cb6f9acdd1f6b6ff160849e4b061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f1ed-1f1f0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E86F 5 KB
3 KB 17ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f1ed-1f1f0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

09e586e201b74726d54719f55abcce9d08f96feb7c8c1ef33256097f4f865cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2b50.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E86F 554 B
639 B 15ms
12ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2b50.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f449-1f3fb.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E86F 563 B
648 B 15ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f449-1f3fb.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

64edaa6d2ebde84b4473d98ba5895d7f4a46e360717b806a0854204f6c7bdc9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame D426 437 B
572 B 1283ms
252ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-132831216&@b3:1707253988&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: d1e8f703775a514b9d8dab40d9471e5d79823f0684afd344ca198d1ced39f791

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:09 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 283A 18 KB
8 KB 32ms
30ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44472
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665322ec240e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 283A 6 KB
3 KB 372ms
370ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:74844923&@b3:1707253984&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6999d8104b1cc4f4bed2b7a2cebcaec2731cacbcd75647c2b2fd52788b096d71

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 0.23
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqcWQv9RbykBOy4CLBSdjIcV6%2FIviWCj0dpPe0lbL9YpwqBBFKyhMms5p%2F4oSRAvg1UIzo9L%2FOVWvAUDhUUT8UTspgfRqthFCuY2P4OP4lBIZdR5o3Lz4kSaoPGAa9OiF6tHmbddrs8ZoRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665322dca5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:07 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 86D0 41 B
335 B 212ms
211ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 039F 13 KB
4 KB 30ms
27ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 69696
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665322ec440e8-SIN
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 039F 6 KB
3 KB 370ms
368ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:56660646&@b3:1707253985&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba11710aa7fcd74966de3e79dfa0e8a547cb9858dd7569a9fae3be00fb803943

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 0.255
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWNNs6EhTQ0k%2BAWyR6EuFtM0ykF4tIE3VIhC5vjqztofsj5TFbEFGJ8lidgwpZe3uzxaFPZvcMDTsYLWDrjsdYI0Kul7zm5UOu0uiModrqEJ2468vtIavOswksHS0AmSoL9dGX8KIyoGXto%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665323dcb5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:07 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E344 0
299 B 375ms
373ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
x-t: 0.98
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9Y2xn3ZEf0D80ujUs7PVJpNFRI3JRk7uMj9fvFIQsQVNPA6mcag3B%2F4nkBTiK5%2FQ3vMhyBPtvjhxjA0khZDKveHlKFkjTvQc%2Bz1AGJ%2BmeqU6HunXeM519FITA4wjRhRnFNoKomABl2Ygg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 8516653238ef3e01-SIN
expires: Tue, 06 Feb 2024 18:52:38 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E344 33 KB
11 KB 19ms
18ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1604
x-amz-cf-id: uepLbmb7576y2ltxbWNjQ1_oguozm52chRWd9NenIbJGDTHPRgT66Q==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 9885 11 KB
5 KB 20ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78809
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665323eca40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.roomangkasa.top/ Frame 5ED2 10 KB
2 KB 29ms
16ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2399
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:08 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame 8473 112 KB
25 KB 75ms
62ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

e35164233b8286bbbe477340b47c3cff4d5e3b50364babdc06648d998a0c8176

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:08 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET partner
sync.search.spotxchange.com/ Frame C358 0
0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame C358
Redirect Chain

https://x.bidswitch.net/syncd?gdpr=0&dsp_id=459&user_group=1&expires=30&user_id=${COOKIE}&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16722%26tp%3DMDAG%26tpid%3D%24%7BBSW_UID%7D%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=efdcc23d-3711-4e7d-9744-d189fecb6de8&gdpr=0

49 B
265 B

17ms
15ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=efdcc23d-3711-4e7d-9744-d189fecb6de8&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=113%2C158%2C156%2C86%2C132%2C121%2C140%2C2&b=1164465%2C1163901%2C1162267%2C1163897&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.15.127
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=efdcc23d-3711-4e7d-9744-d189fecb6de8&gdpr=0
Date: Tue, 06 Feb 2024 21:13:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

c.gif
tag.crsspxl.com/ Frame C358
Redirect Chain

https://tag.crsspxl.com/c.gif?t=57603&gdpr=0
https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0

43 B
142 B

240ms
239ms

Image
image/gif

34.232.140.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=113%2C158%2C156%2C86%2C132%2C121%2C140%2C2&b=1164465%2C1163901%2C1162267%2C1163897&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Server: 34.232.140.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-140-51.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:09 GMT
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Date: Tue, 06 Feb 2024 21:13:09 GMT
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 5
jadserve.postrelease.com/dmp/ Frame C358 43 B
535 B 767ms
229ms Image
image/gif 35.162.162.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/dmp/5?vk=5770c95a28a2ab6f3d35c00d854d7c07/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=113%2C158%2C156%2C86%2C132%2C121%2C140%2C2&b=1164465%2C1163901%2C1162267%2C1163897&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.162.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-162-179.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:09 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame C358
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5979%26tp%3DADWZ%26tpid%3D%24%7BUID%7D%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=5a40d8be277ca7fc5b77d99c5bcddb95&gdpr=0

49 B
265 B

89ms
87ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=5a40d8be277ca7fc5b77d99c5bcddb95&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=113%2C158%2C156%2C86%2C132%2C121%2C140%2C2&b=1164465%2C1163901%2C1162267%2C1163897&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:09 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.17.182
content-length: 49
expires: 0

Redirect headers

date: Tue, 06 Feb 2024 21:13:09 GMT
via: 1.1 1861b67291103164103ad7299a51ed5e.cloudfront.net (CloudFront)
x-clacks-overhead: GNU Terry Pratchett
x-adswizz-request-id: 1aba33b9-9477-4b94-afbd-60aacd83951c
x-amz-cf-pop: MRS52-P5
x-cache: Miss from cloudfront
location: https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=5a40d8be277ca7fc5b77d99c5bcddb95&gdpr=0
x-amz-cf-id: B6kXgwuvxeAu3OtGZ9P0-fqLj_GKPd_KqnrP7iMcff4Fmi9XUXmzQg==

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame C358
Redirect Chain

https://match.prod.bidr.io/cookie-sync/lotame?gdpr=0
https://match.prod.bidr.io/cookie-sync/lotame?gdpr=0&_bee_ppp=1
https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AACl-E7LhUIAABPXK-wwqQ&gdpr=0

49 B
263 B

54ms
53ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AACl-E7LhUIAABPXK-wwqQ&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=113%2C158%2C156%2C86%2C132%2C121%2C140%2C2&b=1164465%2C1163901%2C1162267%2C1163897&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:09 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.2.56
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AACl-E7LhUIAABPXK-wwqQ&gdpr=0
Date: Tue, 06 Feb 2024 21:13:08 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

MAP.d
map.sddan.com/ Frame C358
Redirect Chain

https://map.cookieless-data.com/MAP.d?mn=lotame&pa=22621&mv=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&gdpr_consent=
https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&gdpr_consent=
https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&gdpr_consent=&bounce=1

42 B
862 B

163ms
163ms

Image
image/gif

212.83.160.162
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&gdpr_consent=&bounce=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=113%2C158%2C156%2C86%2C132%2C121%2C140%2C2&b=1164465%2C1163901%2C1162267%2C1163897&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Protocol

HTTP/1.1

Server

212.83.160.162 Dordives, France, ASN12876 (Online SAS, FR),

Reverse DNS

online-prod.ipsfailover.com

Software

nginx/1.20.2 /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 21:13:09 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 42
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 21:13:09 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Location: https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=5770c95a28a2ab6f3d35c00d854d7c07&gdpr=0&gdpr_consent=&bounce=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2

200

rand=683838214
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/ Frame C358
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=683838214
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=683838214

49 B
264 B

21ms
20ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=683838214
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=113%2C158%2C156%2C86%2C132%2C121%2C140%2C2&b=1164465%2C1163901%2C1162267%2C1163897&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.0.207
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:08 GMT
an-x-request-uuid: 34c35a1a-9a80-4a38-bc5e-f60e1843cad0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=683838214
x-proxy-origin: 209.58.162.239; 209.58.162.239; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
dmp.adform.net/dmp/profile/ Frame C358
Redirect Chain

https://dmp.adform.net/dmp/profile/?pid=10131&sg=97485
https://dmp.adform.net/dmp/profile/?CC=1&pid=10131&sg=97485

35 B
230 B

48ms
48ms

Image
image/gif

185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/dmp/profile/?CC=1&pid=10131&sg=97485

Requested by

Protocol

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif

Redirect headers

location: https://dmp.adform.net/dmp/profile/?CC=1&pid=10131&sg=97485
date: Tue, 06 Feb 2024 21:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-length: 0

GET
H2

200

/
dmp.adform.net/dmp/profile/ Frame C358
Redirect Chain

https://dmp.adform.net/dmp/profile/?pid=10131&sg=37987
https://dmp.adform.net/dmp/profile/?CC=1&pid=10131&sg=37987

35 B
231 B

49ms
49ms

Image
image/gif

185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/dmp/profile/?CC=1&pid=10131&sg=37987

Requested by

Protocol

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif

Redirect headers

location: https://dmp.adform.net/dmp/profile/?CC=1&pid=10131&sg=37987
date: Tue, 06 Feb 2024 21:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-length: 0

GET
H2 200 /
dmp.adform.net/dmp/profile/ Frame C358 35 B
230 B 52ms
45ms Image
image/gif 185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/dmp/profile/?pid=10131&sg=44476

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif

GET
H2 200 /
dmp.adform.net/dmp/profile/ Frame C358 35 B
230 B 53ms
46ms Image
image/gif 185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/dmp/profile/?pid=10131&sg=40438

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 7DB2 766 B
1 KB 37ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648979
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 4MQFnAf-2Gt-qQTFkxnqe6tHHgPuuv4pUHQQ-59yvLgP-si8vlNcgQ==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 3AE5 766 B
1 KB 37ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648979
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: _FpTIzS5fV96n36wMzaYm15J0u8ZX9umjcoKjUywJ9TXqR2u51O_JA==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 8B6D 15 KB
3 KB 17ms
15ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 9885 75 KB
76 KB 20ms
19ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 135604
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3843e539a6332b1a9fbe89234f98b8d4
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166532fb5e40eb-SIN
cdn-requestpullsuccess: True

GET
H3

200

/ Show response
vip.poltar2d.info/paito-warna-japan/ Frame 6972
Redirect Chain

https://vip.poltar2d.info/paito-warna-japan
https://vip.poltar2d.info/paito-warna-japan/

274 KB
38 KB

49ms
49ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-japan/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

2f909540c04c567a95aee6133b7457d4d323551ab782a9d0aac538a023642c9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/paito-warna-taiwan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:08 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/101>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=101>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:08 GMT
location: https://vip.poltar2d.info/paito-warna-japan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame CE9C 766 B
1 KB 14ms
13ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648979
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: q5RRY8ve6qJDYpXpnvh3XOzwRtG-7UdPzV7_skcvFxPZoTXouEfQ3g==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 677D 766 B
1 KB 13ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648979
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: QrQsvVUxwnYHZsNJfDeZxW3anHB7wjGn-OVw4uoJjN3ZoAKZUTN3XA==

POST
H3 200 a
a.dtssrv.com/ Frame 6B81 0
457 B 270ms
270ms Ping
text/html 2606:4700:3036::ac43:a392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A01707253979BCFF8072BEF59FBE4F&k=lotpano&v=6c29fc5aadea751b0b1d3620a6efa9fb927a6f2d07eae536a8b443b67554abb9
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyx96ZQbVRMx5GOcnBA9%2FOliGlhMdzC8z%2FCAMLO8r%2FDnyQj00Z1iLRtGAk%2Bv3Kd1dzYCo%2Fp%2BcqQQpd%2FhIeExah9lR%2FlQUx8fB9LuqXDqmRcngjU3zW26TrBnwgcwzhSKvf9FnBUEfBAPMU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 85166533cd623fb6-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame F32C 2 KB
1 KB 11ms
9ms Document
text/html 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 5350
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Feb 2024 19:43:58 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
x-amz-cf-id: 6tAAXyD1WW3i5sibUXLJIU2IVuUL2M-ip3XvhPMUsEiAHJIq39oayw==
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame E344 43 B
573 B 247ms
246ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=61317

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:08 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 0B17 5 KB
2 KB 11ms
10ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1438
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Dx14zXzkq9B-Sp6mGC59X8jM0Ay2ndOL6skNQijXCVx2JSZow17cxw==

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame 28B5 436 B
571 B 967ms
245ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:184029864&@b3:1707253988&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 229db54085cf76b43890df9f5f316b175c1151f3fdf6e7fbbaee39fbb986913c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:09 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 5ED2 15 KB
3 KB 10ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 6C18 18 KB
5 KB 11ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
DATA 200
OK truncated
/ Frame EF1B 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 4AEB 11 KB
4 KB 26ms
24ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78809
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665372a8640e8-SIN
content-length: 4547

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame 8473 108 KB
13 KB 19ms
17ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:08 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 8473 227 B
332 B 49ms
35ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 8473 2 KB
353 B 50ms
35ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame 8473 28 KB
8 KB 50ms
36ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 8473 86 KB
29 KB 50ms
36ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 8473 13 KB
5 KB 53ms
39ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 8473 157 KB
26 KB 40ms
27ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567701
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 8473 30 KB
7 KB 45ms
31ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048134
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166537585289a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 8473 21 KB
8 KB 38ms
29ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084194
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 8473 62 KB
16 KB 37ms
30ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368804
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 8473 258 KB
258 KB 22290ms
305ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:31 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:31 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 8473 4 MB
4 MB 22403ms
324ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:31 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:31 GMT

GET FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 8473 0
0

GET FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 8473 0
0

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame 8473 1 KB
1 KB 774ms
256ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: ce02f63df1192e76c52df28c9fefe73683c7eebeccb01eed81f247a7aa09caf5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:11 GMT
Connection: close
ETag: -641061621
Content-Length: 1131
Content-Type: image/png

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 8473 8 KB
2 KB 15ms
7ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 8473 6 KB
2 KB 15ms
7ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 8473 112 KB
34 KB 16ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 8473 4 KB
2 KB 23ms
16ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3

200

/ Show response
vip.badutprediction.info/live-sydney/ Frame 2394
Redirect Chain

https://vip.badutprediction.info/live-sydney
https://vip.badutprediction.info/live-sydney/

104 KB
20 KB

252ms
252ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/live-sydney/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ab0434433ee1381ea64150ded53179214f675203c4879c8cf6673a6251b3a501

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/jalur-shio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:09 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/249>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=249>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:09 GMT
location: https://vip.badutprediction.info/live-sydney/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 874B 16 KB
6 KB 67ms
50ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13071
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166537aada40e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 874B 6 KB
3 KB 388ms
371ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20SYDNEY%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-9479445&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7043a600b489efe3a2498c4f449b9c9cc59a5e9d5a9b26953582c5c9f2ff61ef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
x-t: 0.449
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQEh6amlGQu9Mako1waZj0siB4bn%2FtqLb3HTJ1N6Ox8Pogqhnmg%2Bpi6YOUooxTRVRnaTQW1gMCmMJzY9PGSvPRfXHTxG3zQf9iijIU4ue5ZBO3P4yX5n6AEJMFu6Pk%2Bq%2BOCRENbEPKaUf1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166537a8ae5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:08 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 0F3C 22 KB
12 KB 107ms
90ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72164
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166537aade40e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 0F3C 6 KB
3 KB 391ms
375ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20TAIWAN%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-167662446&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7029d0297000e76c78bd954655a0e38071a58c03bfe26dc631e7747c7d4751

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
x-t: 0.45
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12hssW2TEtDB8SZG4Iz5xhIfJ5Zwid5xJ7r3y91uLEQxL%2Bkp7MFrXT41iCziZJvgICICoA6XtOj9vvVA%2Bb7AfdNOEur7GYZ%2FLS5lwB%2BFWtmH1nAtSfkOGv%2BLrAqWAMCAq%2BPEMbf398glAuA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166537a8af5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:08 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame 28B5 18 KB
5 KB 40ms
33ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
DATA 200
OK truncated
/ Frame 0E2A 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 6B81 41 B
333 B 206ms
205ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.roomangkasa.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame EF1B 11 KB
5 KB 21ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78810
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166538fc1540e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame F662 10 KB
2 KB 18ms
17ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:09 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 6972 108 KB
13 KB 14ms
9ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 6972 227 B
273 B 36ms
31ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 6972 2 KB
353 B 36ms
31ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 6972 28 KB
8 KB 43ms
38ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 6972 86 KB
29 KB 34ms
29ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 6972 13 KB
5 KB 102ms
98ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 6972 157 KB
26 KB 17ms
12ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567701
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 6972 30 KB
7 KB 31ms
27ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048134
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516653959e489a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 6972 21 KB
8 KB 15ms
12ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084194
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 6972 62 KB
16 KB 20ms
16ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368804
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 6972 258 KB
258 KB 22294ms
284ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:31 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:31 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 6972 4 MB
4 MB 22651ms
299ms Image
image/gif 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:31 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 21:13:31 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 6972 95 KB
32 KB 18ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 table.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 6972 2 KB
780 B 70ms
63ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 warna.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 6972 13 KB
3 KB 72ms
65ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3215
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 6972 3 KB
1 KB 146ms
142ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6972 8 KB
2 KB 76ms
69ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6972 6 KB
2 KB 77ms
70ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6972 112 KB
34 KB 79ms
72ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 6972 4 KB
2 KB 149ms
143ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame EF1B 75 KB
76 KB 28ms
27ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225048
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166539685340eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 2FCB 5 KB
2 KB 11ms
11ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1439
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 635mpMKIG1J409Dr4i9TH9Moy5eFcIaNdVIIEWj90Qz53Wu64CEToQ==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame AB2A 5 KB
2 KB 11ms
11ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1439
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Fmz_Bfb6VG0yg5w6DVOjXCYMikwUrzjRck7oGpE_TZAyzTLJ--sReQ==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame B318 43 B
573 B 257ms
256ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=34799

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:09 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 8
Content-Type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame E344 0
145 B 249ms
248ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=14520&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7D81DE7D9087415CB1660F2F1EB28FFA Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQuXNkYorZvqpLxEfQ==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 0E2A 11 KB
4 KB 19ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78810
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516653a3cf140e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 0741 10 KB
2 KB 15ms
15ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:09 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 538B 41 B
333 B 215ms
207ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonafantasi.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 538B 0
587 B 286ms
284ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
x-t: 1.57
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H88tBh36GreMvlDUKVfTnuHvZm4H8zPV9sARPNnNUe9%2B3cxjf3QUXu72MombKi8RwOucJxTk7l5GEIAkZSw7OO4Ey%2Ff5JGo6ZNWzo%2Frtk6Xq1U9OcwSkmqKFrbgvQ6H8rZ98LLy55zzhsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 8516653a5ed93e01-SIN
expires: Tue, 06 Feb 2024 21:10:37 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 538B 33 KB
11 KB 17ms
15ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1605
x-amz-cf-id: SysPPlDzvP1WNB3BAQNu7FqPHDdOl6y3lxqZoLSN3NRg5yrVazbhQA==

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 799A 437 B
572 B 857ms
259ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-163802713&@b3:1707253990&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 253b8cbda7d29e9fae09974fcc3a4700eda45e8bf59a07df24237e5f254b6401

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:10 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 6C18 438 B
573 B 869ms
253ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20TAIWAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:189905818&@b3:1707253990&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 35003430f8e39078c9a00375d5611e004a8d187f4d4cbd16bb8dddbf340bfd21

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:10 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_431.js Show response
s10.histats.com/counters/ Frame FBEB 18 KB
7 KB 26ms
25ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 83849
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516653aad2240e8-SIN
content-length: 7547

GET
H2 200 / Show response
e.dtscout.com/e/ Frame FBEB 6 KB
3 KB 335ms
334ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-173583896&@b3:1707253986&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a05becc09270edba4b51cd19df0b22d893587d7657b848c14df1f085e8516b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
x-t: 0.292
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bthngpbpk%2FjoZzi7ehsRpFjg9h9q6L%2BqC1GoPYPfiR44qxczgs9LarPkdT4lzrv2zpTeEQXUYh%2Bs6Ivb1KHT3wi6ro8q%2F9RhC6XAwObnTCG88swSwM6fQKEZ%2FFz0PKWE3kaQTHsV%2F3s1P8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516653aaaf35f5e-SIN
expires: Tue, 06 Feb 2024 21:13:08 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 0E2A 75 KB
76 KB 19ms
19ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225048
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516653ab95d40eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame C463 41 B
333 B 210ms
206ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.roomangkasa.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 749B 5 KB
2 KB 17ms
15ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1439
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: QCSnSXgK1mncUJw9gnQlBlBZsIY_a6MHInpxj8FEd6C1ZVy8lH-kyw==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame DE84 5 KB
2 KB 16ms
14ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1439
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: x-mbrxVtVhjUGZ4Z_GZUK-Q11uAZhWSqW1TxGnsh1YbPq4lfUAnduA==

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame EF1B 18 KB
5 KB 44ms
44ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame F662 15 KB
3 KB 11ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:09 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/paito-warna-taiwan/ Frame 34D9
Redirect Chain

https://vip.poltar2d.info/paito-warna-taiwan
https://vip.poltar2d.info/paito-warna-taiwan/

274 KB
38 KB

50ms
50ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-taiwan/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

3b3852caf0fb7aa918b99dd568c89ee31af5f0ea92e23fea31f00edb8d6bcf92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/buku-mimpi-4d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:10 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/105>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=105>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:09 GMT
location: https://vip.poltar2d.info/paito-warna-taiwan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 0741 15 KB
3 KB 18ms
18ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame 9885 18 KB
5 KB 16ms
15ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame DD1E 43 B
573 B 247ms
246ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=2029

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:10 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 43CC 43 B
573 B 250ms
249ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=66865

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:10 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 4
Content-Type: image/gif

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 8B6D 11 KB
5 KB 26ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78811
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516653e9ed640e8-SIN
content-length: 4547

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame 2394 108 KB
13 KB 22ms
21ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 2394 227 B
271 B 53ms
50ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 2394 2 KB
374 B 54ms
50ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame 2394 28 KB
8 KB 54ms
51ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 2394 86 KB
29 KB 116ms
112ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 2394 13 KB
5 KB 103ms
99ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 2394 157 KB
26 KB 17ms
14ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567702
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 2394 30 KB
7 KB 30ms
26ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048135
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516653ebd8f89a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 2394 21 KB
8 KB 22ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084195
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 2394 62 KB
16 KB 21ms
17ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368805
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame 2394 2 MB
0 20ms
16ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame 2394 0
0

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame 2394 43 B
182 B 744ms
249ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:12 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame 2394 3 KB
1 KB 264ms
261ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 2394 8 KB
2 KB 11ms
8ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 2394 6 KB
2 KB 13ms
9ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 2394 112 KB
34 KB 13ms
10ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 2394 4 KB
2 KB 39ms
35ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/pola-dasar/ Frame 60E5
Redirect Chain

https://vip.poltar2d.info/pola-dasar
https://vip.poltar2d.info/pola-dasar/

120 KB
26 KB

59ms
58ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/pola-dasar/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

f1fb4cf4aace7e9d5bc9896c934708c2b09bc05a783ceb3721c898e0c508a148

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/buku-mimpi-4d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:10 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/193>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=193>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:10 GMT
location: https://vip.poltar2d.info/pola-dasar/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 8C8A 5 KB
2 KB 16ms
11ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1440
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: h-756dG9WGaE7PCFLFgM4_nQ1-bpTDdzn6OplOMz6io54N3TqQTGhg==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6BD6 11 KB
5 KB 25ms
23ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78811
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516653faf5a40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 3D28 10 KB
2 KB 17ms
16ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:10 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame D157 5 KB
2 KB 20ms
17ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1440
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 18OZwXNGoF8xx-08dZVXWH_NwdwX2WFluFcLx_vW3KxqRPYdLa9eoA==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame C51B 0
438 B 340ms
336ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-t: 3.36
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPuxO77HENUv8kLqjRxwznUoPAJkN4dJeBC1i5oxIlTHLGUKusjLBLWWYPyhFMhFvtflnNTJafnI4wXfR%2F4CNbBHMRdEBif%2FRZdpJ4F1XiEDdlaozyv5eZHr%2FJ7ziZcSXwPcEppmd%2FDG9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 8516653fdb053e01-SIN
expires: Tue, 06 Feb 2024 21:16:49 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame C51B 33 KB
11 KB 22ms
17ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1606
x-amz-cf-id: MXHFmnhW2OgxkDbSefnnIxwPNoPWbLPdK4BFrUOAnFJd4KJu9qqe5Q==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame C51B 0
331 B 365ms
361ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=twqq6o3xxo&_pv=3&_ls=6&_cc=sg&_pl=d&_b=chrome%40121&_cbid=6870&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-t: 0.178
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59JFr0htbxoSDUDUmn0SVsqF%2FPyDZemNnLaszXHgCAstNlTBl2Sa06tmsRai0H9F30%2Filzfb5gAKxoFupLkPFiLnHiX1KVMxmah8T345EXWF8n4ZjHfccq89Kci8%2FL4Xem%2BA3iLWixTJQ%2FQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516653fde1f5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:09 GMT

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame 9885 435 B
570 B 727ms
239ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mJALUR%20SHIO%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:187553412&@b3:1707253990&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 92058466e95b4fb7d604972ddb055d7f9513afaabdb936886991de7b494e3d9f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:10 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 0B17 41 B
335 B 208ms
207ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://w1.bungaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 283A 0
469 B 1298ms
1296ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-t: 2.53
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ej2sSC6aZmeXKKus7CG5rEzIX%2FR5pbcOpOR0BAp4qj%2FcDvCYZ1akRDe8rW2JFEEKqSYRib%2B%2Bz%2BSQo8lkLd%2BJ6Pa%2BWaO4h9N7zBgMVdfZ%2BqezYr%2FxnFHM%2FFLSAmc0f1H%2BEOoQvuFWX4L5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 8516653ffb1e3e01-SIN
expires: Tue, 06 Feb 2024 21:13:47 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 283A 33 KB
11 KB 21ms
19ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1606
x-amz-cf-id: 1n-pmmoPEA3QQ_xnGOs02I88XoQslVWBeEv2N3BYRgLpXVk_DcxmHA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 283A 0
292 B 336ms
334ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=3&_ls=5&_cc=sg&_pl=d&_b=chrome%40121&_cbid=6q8m&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-t: 0.092
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lsqAi9WCXbtJUJBhkcgJMWooLmvex59Win30ch6q6%2BKwmb7glOzm1TwjFsUQlfZxu49xyIJQxUZZSH6wdztuMe1jXzARQ%2F1zLamaMa62%2BGR6sKvymmMN%2FtVFX%2BejBZnjZ04fNThVosY5qc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665400e445f5e-SIN
expires: Tue, 06 Feb 2024 21:13:09 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 039F 0
449 B 280ms
278ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-t: 1.29
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtnjsWTt59%2FeReGf5Ph3xNpmvrydiodDRLpQ9h8I%2Fm8sdqEWj5AsTkgmaVLQF9hn7HKegb7E%2BcYX4bKgj4vTzenPfBStrrfOXrnpi7h2eckriGdnAvl%2FAEPc5QI70duyR7ojdrcFx7gvaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 851665400b223e01-SIN
expires: Tue, 06 Feb 2024 18:52:41 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 039F 33 KB
11 KB 21ms
19ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1606
x-amz-cf-id: TZykJXFedBW0xZOpZc6K8SFyCWID1mZAiK9HL6zZwpgIU3Ls1lDxdQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 039F 0
286 B 370ms
368ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=1k5shfatpr&_pv=3&_ls=8&_cc=sg&_pl=d&_b=chrome%40121&_cbid=61pp&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
x-t: 0.083
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSB5AWnrTjchwWSY%2BeDKgRdzV%2Fi6RwAePuPyNlqkYjyiUlEeSv2qU3hO0HW2M%2BPePGLadoo7IKIBGU4yRTUDeQZeWJ4Vq0IqYDHZdwLKvjoJTeoGWOgNlq3XnghEBpKH8Poqz7VSICkvxSY%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665400e565f5e-SIN
expires: Tue, 06 Feb 2024 21:13:09 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5ED2 11 KB
5 KB 27ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78811
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665400f9340e8-SIN
content-length: 4547

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 6C18 230 B
529 B 14ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 6C18 231 B
530 B 14ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 6BD6 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 6BD6 75 KB
76 KB 21ms
20ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225049
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665406e2140eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame B318 0
146 B 246ms
245ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=53289&pu=https://vip.badutprediction.info/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DDAACCA7A53047C8BD9B2C6C30D53F97 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQuqvcryQ4OWnWlBtQ==

GET
H2

200

merge
ce.lijit.com/ Frame E344
Redirect Chain

https://um.simpli.fi/lj_match?r=3568
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
735 B

205ms
205ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:10 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 34D9 108 KB
13 KB 13ms
11ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 34D9 227 B
273 B 34ms
32ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 34D9 2 KB
353 B 34ms
33ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 34D9 28 KB
8 KB 38ms
36ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 34D9 86 KB
29 KB 32ms
30ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 34D9 13 KB
5 KB 93ms
92ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:10 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 34D9 157 KB
26 KB 15ms
10ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567703
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 34D9 30 KB
7 KB 26ms
20ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048135
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166542780a89a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 34D9 21 KB
8 KB 18ms
12ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084196
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 34D9 62 KB
16 KB 19ms
14ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368806
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 34D9 0
0

GET HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 34D9 0
0

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 34D9 95 KB
32 KB 18ms
8ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 table.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 34D9 2 KB
780 B 71ms
61ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 warna.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 34D9 13 KB
3 KB 72ms
61ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3215
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 34D9 3 KB
1 KB 140ms
134ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 34D9 8 KB
2 KB 41ms
31ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 34D9 6 KB
2 KB 42ms
32ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 34D9 112 KB
34 KB 44ms
34ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 34D9 4 KB
2 KB 143ms
132ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame E86F 16 KB
6 KB 21ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13072
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516654338f840e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E86F 6 KB
3 KB 360ms
360ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20HONGKONG%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-181463131&@b3:1707253987&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e140a3124ae30a817cdd0ed4e99329fb4bebe5a89b437793966b49bfd5d3c521

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-t: 0.197
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMw%2BFYuMbzUWgYGjPS%2Bau1d3dd2hTif9BvR1xKsHzu1IX8SYbTNHRvc2zSPu%2Fzs9SAJxR4RWNKBAPF%2FfQmd6%2BivpzIjk6uyA3zU2f5t4PsQsY%2Fx%2Bt%2FMym3DZtgRNnn5biRREnzyIT2%2FIUuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516654348705f5e-SIN
expires: Tue, 06 Feb 2024 21:13:10 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 25C0 22 KB
12 KB 22ms
22ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72165
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166543491040e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 25C0 6 KB
3 KB 364ms
363ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-104907810&@b3:1707253988&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c378872b59bf55dbeff2c762612827049cf63ee3008a1e1602c36d1b213fd142

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-t: 0.226
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0pWtegxSTYdZMqkpUH9Hjm%2FxVhM6YRN9R0CdlJLfwQFP339SuTCpCRqEZyBT7PjNaelMg%2ByYlVDUaiZEqUxYnFBcoJhdZ3FERUbK97d1AFVLx8ZSLTJDMrvv2Vog4%2Fel0g648sXhS1pwrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516654348755f5e-SIN
expires: Tue, 06 Feb 2024 21:13:10 GMT

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 732ms
244ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:43200612&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:11 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 734ms
244ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-61153650&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:11 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 735ms
246ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:57574291&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:11 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 739ms
245ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-47367353&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:11 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 742ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-165503824&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:11 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 747ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-14293321&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:11 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 740ms
244ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-97352451&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:12 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 734ms
239ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:182986009&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:12 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 738ms
245ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:110546295&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:12 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 776ms
260ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:178856430&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:12 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 1444ms
242ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-117668152&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 1465ms
245ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:126366142&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: da095982f14545c855e8fccf2e70af30b165aa99cee7a6b3811d9c5ab71ee22e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 753ms
248ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:117340487&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: da095982f14545c855e8fccf2e70af30b165aa99cee7a6b3811d9c5ab71ee22e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 810ms
257ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-83189620&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: da095982f14545c855e8fccf2e70af30b165aa99cee7a6b3811d9c5ab71ee22e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 1455ms
244ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:29888633&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: da095982f14545c855e8fccf2e70af30b165aa99cee7a6b3811d9c5ab71ee22e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4AEB 439 B
574 B 1447ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-25988402&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: da095982f14545c855e8fccf2e70af30b165aa99cee7a6b3811d9c5ab71ee22e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame D3E5 43 B
573 B 235ms
234ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=64291

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 60E5 108 KB
13 KB 14ms
9ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 60E5 227 B
273 B 37ms
33ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 60E5 2 KB
353 B 37ms
33ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 60E5 28 KB
8 KB 39ms
35ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 60E5 86 KB
29 KB 81ms
75ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 60E5 13 KB
5 KB 73ms
67ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 60E5 157 KB
26 KB 15ms
10ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:11 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567703
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 60E5 30 KB
7 KB 23ms
18ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048136
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665458a3d89a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 60E5 21 KB
8 KB 17ms
12ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:11 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084196
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 60E5 62 KB
16 KB 18ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:11 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368806
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
vip.poltar2d.info/js/ Frame 60E5 0
0 60ms
51ms Script
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/js/jquery-1.10.2.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 60E5 3 KB
1 KB 95ms
89ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 60E5 8 KB
2 KB 18ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 60E5 6 KB
3 KB 18ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2490
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 60E5 112 KB
34 KB 19ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 60E5 4 KB
2 KB 39ms
30ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 3D28 15 KB
3 KB 18ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:11 GMT

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame EF1B 438 B
573 B 1272ms
243ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%204D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:40543754&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 35003430f8e39078c9a00375d5611e004a8d187f4d4cbd16bb8dddbf340bfd21

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:12 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H3

200

/ Show response
vip.poltar2d.info/paito-warna-cambodia/ Frame E567
Redirect Chain

https://vip.poltar2d.info/paito-warna-cambodia
https://vip.poltar2d.info/paito-warna-cambodia/

274 KB
38 KB

62ms
62ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-cambodia/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

4b13e52f7d273fbc097b767fd5519d6a7a89fa360960e3bf6eb2fb2a0b2ef01a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/generator-angka/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:11 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/107>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=107>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:11 GMT
location: https://vip.poltar2d.info/paito-warna-cambodia/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame DD1E 0
146 B 251ms
249ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=38883&pu=https://vip.disksusiangka.info/
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4ABAAEB0FE4141109B7C7AFF5CBF2976 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQu3MQmaYRpcZh/hvg==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 43CC 0
145 B 315ms
313ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=87760&pu=https://vip.disksusiangka.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8174FA0DE54F4F92B323796613C66362 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQu3Ms2UEDQx3iFIeQ==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 86D0 43 B
573 B 238ms
237ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=12429

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame D426 18 KB
8 KB 19ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44475
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665475be940e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame D426 6 KB
3 KB 338ms
337ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-132831216&@b3:1707253988&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76fbbd5de8b8380ddd9a282963f0da9397555e7ba8f447f78ca3d59030523729

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-t: 0.216
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpZKD%2Bb%2F3hBexvBP7bAaYkvRYJJey62BeXi45w1OlxAjtPM0SnywF4xF4mfgZRgc638YQ%2FnbjCPQaOHg1Utntz6hrW6iVpjhaZkUgiduznBNdWBUc%2BvK2nQDr2gA7W7S3CoheSREnVamJ40%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665475a715f5e-SIN
expires: Tue, 06 Feb 2024 21:13:10 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 28B5 13 KB
4 KB 20ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 69699
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665475bea40e8-SIN
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 28B5 6 KB
3 KB 337ms
337ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:184029864&@b3:1707253988&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d8fd6d83c34a11ab4a26ea47a3e16bb9e0f1d7ebed1caa396fbeb9f532b88e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
x-t: 0.26
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1kjAY8VB8QLHU8A3a%2FpTCUNHV%2F6Yu0bmh5AWmj6EacJnlOOmGgsYUvZHqvfX6ggSnAIJFV3%2Bv8K3g%2F%2BYj1HIUR4iuA9zy%2F6l48CFwVS1tLYYEcvsdrpsPoxDE6GsoON7Xem2hRRueQ2RaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665476a735f5e-SIN
expires: Tue, 06 Feb 2024 21:13:10 GMT

GET
DATA 200
OK truncated
/ Frame 874B 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0F3C 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 2FCB 117 B
407 B 206ms
203ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 14b961b449622cc9905f961164f6a4411387b42e823abaa550f4e29204c5f5e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 134

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame AB2A 117 B
405 B 205ms
202ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 14b961b449622cc9905f961164f6a4411387b42e823abaa550f4e29204c5f5e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 134

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 0E2A 438 B
573 B 897ms
243ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%204D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:127406741&@b3:1707253992&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 35003430f8e39078c9a00375d5611e004a8d187f4d4cbd16bb8dddbf340bfd21

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:12 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame E344 4 KB
1 KB 20ms
19ms XHR
application/json 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 02:37:26 GMT
content-encoding: gzip
via: 1.1 6bba44d47d881e087bd912149e58e0ca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P4
age: 66946
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-id: wMEE79TStpyBIRRb0zIJZx01W332lDPCKOv_hVoHSqQTV3Z4QcfqPA==

GET
H2

200

merge
ce.lijit.com/ Frame B318
Redirect Chain

https://um.simpli.fi/lj_match?r=13087
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
735 B

202ms
201ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:11 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame E344 43 B
573 B 234ms
234ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=95073

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 76A6 85 B
481 B 14ms
12ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606835
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: Zxs-LVb-2WTr21utmqLmEzQbil7xabhQAim5XSMxSuoPw3tg383fJg==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 874B 0
454 B 283ms
281ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-t: 6.9
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2Fj2Mhvt1O0ttWUfT39huhkl6GZ25fblu5jZMbGn00ItsltDXpsOjJPsNpv33dVJSPtdqCATPP43hI5b5WFpmr2SEtnjXho3iRF33sRQtzC%2B1n%2BS4QuZoaIu9J7aI1YWmNeKxJynox9Q5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 851665491b253e01-SIN
expires: Tue, 06 Feb 2024 21:06:26 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 874B 33 KB
11 KB 16ms
15ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1607
x-amz-cf-id: 8baJ821KwWxkCy4QtxXjJVbjuG71SMuY-73AkXIMMnfj2mFkQICmzg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 874B 0
283 B 365ms
365ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=4&_ls=7&_cc=sg&_pl=d&_b=chrome%40121&_cbid=7a62&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-t: 0.091
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BR9vbbrsXVomK51gjyuHEKDCxA7OWZLNCP7CMEmE29yfRgrVSin8vksrOl3moOLxTprw76wbmMiW4mOUG76Hejt1d%2FO3yVrkLGU%2FkDjRludY8IYwjhQQCpwdXAUoFsDRJ4eRDoNvfuoguiw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665491bdc5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:11 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 0F3C 0
418 B 346ms
344ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&r=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-t: 1.84
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2X8caUZ9EaXcpWwjdHFJsWCds%2BSQGBDEcGezOBj8zhlWHf4e%2Fanx9w17gQMKW8lxg6Ge2ZxL%2F0CjQVlbaAhgDwmk5bimBA3Q91Sx9vmq9lxChqnMy8dTRz4kpz32zjrr%2B295z3hjpgTv3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 851665491b293e01-SIN
expires: Tue, 06 Feb 2024 21:16:50 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 0F3C 33 KB
11 KB 12ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1607
x-amz-cf-id: UyZnuBbmRpT6GGUDo7sjx_FRjxl7eCWIIzNvb4BLIt-3NKHKIe0EMg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 0F3C 0
333 B 335ms
335ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=6snwpnk6n2&_pv=4&_ls=10&_cc=sg&_pl=d&_b=chrome%40121&_cbid=6nmf&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-sydney%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-t: 0.089
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXcX26PiQuIoS06KueNdZHQiRiaxBOoDp%2FZk%2BkbEfkU2v%2BWJcqyqJU2bq3UlVq3kPxDQswEpUL%2FhpkTF9H126fnzQ6xqN6UWn5JuG0MOwNpFBs9fxSiut8g%2BjNdJTDxFSkGE38lpjcdSh3s%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665492be05f5e-SIN
expires: Tue, 06 Feb 2024 21:13:11 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 8473 11 KB
5 KB 22ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78812
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665494cdf40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.zonafantasi.info/ Frame B639 12 KB
2 KB 13ms
12ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:11 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 749B 117 B
405 B 205ms
204ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 14b961b449622cc9905f961164f6a4411387b42e823abaa550f4e29204c5f5e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 134

GET
DATA 200
OK truncated
/ Frame 8473 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 8473 75 KB
76 KB 14ms
14ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 465130
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0c4f1d4ee3f7913748b6627f04107416
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166549ac3640eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame E567 108 KB
13 KB 12ms
8ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame E567 227 B
273 B 31ms
28ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame E567 2 KB
353 B 31ms
28ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame E567 28 KB
8 KB 34ms
31ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame E567 86 KB
29 KB 29ms
26ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame E567 13 KB
5 KB 82ms
80ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame E567 157 KB
26 KB 12ms
10ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567704
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame E567 30 KB
7 KB 22ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048137
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516654a2c2c89a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame E567 21 KB
8 KB 15ms
12ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084197
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame E567 62 KB
16 KB 15ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368807
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame E567 95 KB
32 KB 19ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 table.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame E567 2 KB
780 B 48ms
41ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 warna.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame E567 13 KB
3 KB 48ms
41ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3215
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame E567 3 KB
1 KB 131ms
127ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E567 8 KB
2 KB 52ms
44ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E567 6 KB
2 KB 55ms
46ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E567 112 KB
34 KB 80ms
72ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame E567 4 KB
2 KB 127ms
119ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame DE84 117 B
410 B 209ms
209ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 14b961b449622cc9905f961164f6a4411387b42e823abaa550f4e29204c5f5e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 134

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame F662 11 KB
5 KB 28ms
28ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78813
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516654a3d7c40e8-SIN
content-length: 4547

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame EF1B 230 B
529 B 9ms
8ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame EF1B 231 B
530 B 11ms
10ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 6972 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 0E2A 18 KB
5 KB 13ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame FBEB 0
569 B 351ms
346ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-t: 1.48
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuvgKoZ2HRsOlGkf9U4%2BJAoTmq%2F7BVkBIBwVk7pYN8Of%2FaFM%2BaqwM%2F7BB5ArIJ%2F5E3cwpHi9mttqJK5ol%2FzuMcJ1UOmzhNTKHW1kt1v5EYZbNUHl0CKFYCou3HfSs1yLCxZTOWMnCjhuVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 8516654b3c853e01-SIN
expires: Tue, 06 Feb 2024 20:47:28 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame FBEB 33 KB
11 KB 16ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1608
x-amz-cf-id: h4wJ2ViffdepkWph-Iw8xHvQdo9TuNfQNm1Cmw3o5aAYYviOWaO1zw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame FBEB 0
294 B 369ms
365ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonafantasi.info&_ss=woyan4849m&_pv=3&_ls=10&_cc=sg&_pl=d&_b=chrome%40121&_cbid=82tb&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-t: 0.087
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZIgGLwh%2ByFhLJpNfIe71VCv2ZAg4eYD0ehf0nFyU%2FC7DGcMnZBUcamRl9cpAJ%2BXHXTjX5pAqqlXDLnJej5XxJ8OPWZtD8likaHpx%2BXkn7fFh%2F7qJirC%2BHRxMMJ%2BVJ8MtD%2BWsAZicM%2FGVek%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516654b3d0f5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:11 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 9885 230 B
529 B 10ms
9ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 9885 231 B
530 B 10ms
9ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 0741 11 KB
4 KB 16ms
16ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78813
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516654b5e2640e8-SIN
content-length: 4547

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame D3E5 0
145 B 245ms
244ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=30131&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E7C99F2A526946CAB8E640558F5C0E57 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQvBAvsIWlI8tPE6FA==

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 8B6D 437 B
572 B 1127ms
248ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-145814078&@b3:1707253992&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 253b8cbda7d29e9fae09974fcc3a4700eda45e8bf59a07df24237e5f254b6401

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 livesd.php Show response
w1.bungaprediction.com/ Frame 1C50 1 KB
581 B 15ms
11ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livesd.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

6103421bd04418c028aca18be8a8bdcdec1a4adb5ddf55d4df7b1a1b8091cfb2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 515
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:12 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 76A6 766 B
1 KB 10ms
9ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648983
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: IwRzc4jOXSsrq4_-Pc2JcUAgoFARpWPu5tVvHyS5yB4ozyD9h-pV9g==

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame 2394 135 KB
135 KB 240ms
239ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
DATA 200
OK truncated
/ Frame 2394 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 8C8A 117 B
407 B 207ms
207ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 14b961b449622cc9905f961164f6a4411387b42e823abaa550f4e29204c5f5e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 134

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame D157 117 B
405 B 206ms
205ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 14b961b449622cc9905f961164f6a4411387b42e823abaa550f4e29204c5f5e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 134

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame B639 15 KB
3 KB 14ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 6BD6 18 KB
5 KB 14ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame FAAF 208 B
401 B 14ms
6ms Document
text/html 52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c0093d5475d8711d99796e4117710b50919b43b19e9e0caad7561d5292f6e64b

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
content-length: 208
content-type: text/html
date: Tue, 06 Feb 2024 21:13:12 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.42.13.38

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 799A 18 KB
8 KB 22ms
13ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44476
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516654c4ec740e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 799A 6 KB
3 KB 371ms
363ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-163802713&@b3:1707253990&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182e7ec070c9d4e820a201365129286245a30304dcb3eb58356d460ef018485d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-t: 0.227
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgjXWJIeCddo3tZIjT86R1kAqLerYmNNvhb3ABm4CwEKrSut440Ruv9AXLtC3wDco4XzXJcnDyn9RoDXnAB7gREz5RO7sIlKej5r3CvmJ54X%2BSQakq%2BmjB36I959Nx3HRwyvGMf2Mq3rsFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516654c4d9d5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:11 GMT

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 6C18 16 KB
6 KB 29ms
22ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13074
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516654c4ecc40e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6C18 6 KB
3 KB 370ms
363ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20TAIWAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:189905818&@b3:1707253990&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15aa06b5674798218496d39e33badc812b7886c0e84b8e96a5a87ffe1b025706

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-t: 0.203
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXSpa29h7QHfuXSGEaqAYvk1Dr99wk%2FameQn8R%2Fve7sQRpdfBjLfN3yL%2BfacM5JAi2iy6wwIJacjf96AAZZyOLrfgHOpNolp30yRdISsPPCZHAccCxmWpo%2Bs5TeiO%2F9n8M6Ync%2Fk%2FT6QKck%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516654c4d9f5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:11 GMT

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame 5ED2 435 B
570 B 1001ms
256ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-51636795&@b3:1707253992&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: bfd84ae265e88d7fa9f5d4c3afb7acd3807cddcb386633824452346fac0218b8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H3 200 / Show response
vip.poltar2d.info/buku-mimpi-2d/ Frame 2407 116 KB
28 KB 51ms
50ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/buku-mimpi-2d/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

07248bbd5125b2a47f9906fa744ab093cdbc86071fd966731f42bf18fc10c33a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:12 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/216>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=216>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

GET
H2

200

merge
ce.lijit.com/ Frame DD1E
Redirect Chain

https://um.simpli.fi/lj_match?r=98171
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
735 B

201ms
200ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:12 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 43CC
Redirect Chain

https://um.simpli.fi/lj_match?r=24028
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
735 B

202ms
201ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:12 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 86D0 0
146 B 247ms
247ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=88620&pu=https://vip.badutprediction.info/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F1D5559AAA8A4DE18D0ACCAD5777CB9F Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQvFXiTFofeSgfr0YQ==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 6B81 43 B
573 B 237ms
236ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=98454

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:12 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 9885 22 KB
12 KB 21ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72167
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516654d7fa540e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 9885 6 KB
3 KB 363ms
362ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mJALUR%20SHIO%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:187553412&@b3:1707253990&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792aa0f231a00bd80c22e4ff67396683317471c2626601623b5f00a1aab7fe63

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
x-t: 0.218
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVXFTg6RsWlllxJANhmd1F6Wc90xeU%2FWXyzMhwZtUFV2Smv26Ed%2BR1iWDg17jOWQbj4Wn0KfMUCOvV2qRzQosThEtWmMBoWHftx9jA4nYjbhZCMGYcXvxJLXlMopnVq%2Fm3bPdLqJqq%2BbtY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516654d7e2d5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:11 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame E344 245 B
1 KB 48ms
44ms XHR
application/json 52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 36c3e6523a4f20a713648bef88538c856455d6abf908945ad24f0f663c2d09e2

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:12 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vip.zonafantasi.info
cache-control: no-cache
x-server: 10.42.5.218
access-control-allow-credentials: true
content-length: 245
expires: 0

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=IHkZASZHA2sVaM4OTSeOEoCk/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=5770c95a28a2ab6f3d35c00d854d7c07

43 B
735 B

202ms
200ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=5770c95a28a2ab6f3d35c00d854d7c07
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=5770c95a28a2ab6f3d35c00d854d7c07
cache-control: no-cache
x-server: 10.42.31.191
content-length: 0
expires: 0

GET
H3 200 livesydney.php Show response
w1.bungaprediction.com/ Frame EEF1 1 KB
818 B 14ms
13ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livesydney.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

6103421bd04418c028aca18be8a8bdcdec1a4adb5ddf55d4df7b1a1b8091cfb2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 515
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:12 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 2394 11 KB
4 KB 22ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78813
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516654d9fb340e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.roomangkasa.top/ Frame 6BB2 10 KB
2 KB 12ms
11ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2399
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:12 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame AC9B 112 KB
25 KB 56ms
56ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

1e54de865f2e77bcdbefcb5c2bae3d2042f5ddffced2178c210a5a043e3af22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:12 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ Frame 34D9 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 2394 75 KB
76 KB 28ms
27ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 135608
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3843e539a6332b1a9fbe89234f98b8d4
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516654e1f0b40eb-SIN
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 6BD6 438 B
573 B 1341ms
240ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20ANGKA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-56385721&@b3:1707253993&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 35003430f8e39078c9a00375d5611e004a8d187f4d4cbd16bb8dddbf340bfd21

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame B318 43 B
573 B 242ms
241ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=24878

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:12 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 0C7B 85 B
482 B 11ms
10ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606836
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: lATxcIxSQ-YEeIPr8LBhR5YYZkaK2Luzj9cW8HtuUl0uMmuoSWD8eA==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame C51B 5 KB
2 KB 11ms
10ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1442
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ts5nrshwqfmKDYxJaCrZyqoIbyIMU2m62SYknYhOg-rVEyOTM2CsIw==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 283A 5 KB
2 KB 10ms
9ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1442
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: LZUelHq-VzWaZCf-_M9UY_TKScKg_cQX1GCfzZwt2cZ2nTgpA0FA1g==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 039F 5 KB
2 KB 12ms
11ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1442
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: urX_H4FuJB6Wirkmu2bUh2jHALARvRLxU8a-T0hG8CRyHRTx7m_zvw==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 3D28 11 KB
4 KB 20ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78813
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516654ef89b40e8-SIN
content-length: 4547

GET
H2

200

rand=928038587
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/ Frame FAAF
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=928038587
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=928038587

49 B
265 B

18ms
17ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=928038587
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:12 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.10.142
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:12 GMT
an-x-request-uuid: 3554b9ea-6c06-49a8-ab1c-af5c3229fc85
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=928038587
x-proxy-origin: 209.58.162.239; 209.58.162.239; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E86F 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 60E5 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 538B 43 B
573 B 238ms
237ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=83091

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6972 11 KB
4 KB 19ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78813
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516654fa92c40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame E241 10 KB
2 KB 17ms
16ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:12 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 2407 108 KB
13 KB 9ms
8ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 2407 227 B
273 B 31ms
27ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 2407 2 KB
353 B 31ms
27ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 2407 28 KB
8 KB 34ms
31ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:12 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 2407 86 KB
30 KB 13ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30412
expires: Tue, 13 Feb 2024 20:52:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 2407 13 KB
5 KB 98ms
95ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4870
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 2407 157 KB
26 KB 13ms
10ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567705
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 2407 30 KB
7 KB 24ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048137
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516654fcfdf89a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 2407 21 KB
8 KB 15ms
10ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084198
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 2407 62 KB
16 KB 15ms
11ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368808
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 2407 3 KB
1 KB 43ms
40ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 2407 8 KB
2 KB 15ms
7ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 2407 6 KB
2 KB 16ms
8ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 2407 112 KB
34 KB 16ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 2407 4 KB
2 KB 32ms
25ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:14 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame CEBC 0
73 B 53ms
15ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bungaprediction.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:12 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
72 B 30ms
15ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.disksusiangka.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:12 GMT
content-length: 0
vary: Origin

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E86F 0
442 B 295ms
291ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-t: 1.55
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y884eVxrWx8EbC4OBVuVYZ%2BHzL8MKJnQnA3KCVU4F3up%2BekkeR0jp6VWOw2RK1ZV6e0BxmeI5MzZrTDzpuUin9XDqDTOQfKPiwHN%2F80hbkfetsBhCeHpcnypp8b7%2Bf01OCUyXdDBRIVlzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 8516654fffda3e01-SIN
expires: Tue, 06 Feb 2024 20:47:29 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E86F 33 KB
11 KB 15ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1608
x-amz-cf-id: R1nBgQeM2jO7--i76BzelRJzZe7kVkbQgACfo-BDHSYBRKZzOozNfw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame E86F 0
303 B 366ms
363ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=5&_ls=8&_cc=sg&_pl=d&_b=chrome%40121&_cbid=7fhl&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-t: 0.095
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cb1Ms%2Fz0suWz2jNO7CQzzwbd9VVWlhwAyX%2F7eyXszqQZti422giC5owBnXBAttqbotIAYEuC8tBlk63raJM2vLok8CT%2BZflCJPycVppi2vmk3ptHz8mYFWKpf%2B608%2BAhZP4Yf99aM1qA2BE%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516654fff695f5e-SIN
expires: Tue, 06 Feb 2024 21:13:12 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 25C0 0
422 B 367ms
365ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-t: 1.4
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUPIf8aw6bJzQ%2F7XVTHFEs26SNE90z4OoCXt%2Balu1ysvgjWkJCsGzSUjBNn4JH%2FplXiKk73jgeUZg6PkPTVI%2BeSwnQrk3jMxTYzwcfIPT68NRnqxhUc8Li1euaOlqQhewq%2FnjGcWtKSpVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 8516654fffdf3e01-SIN
expires: Tue, 06 Feb 2024 21:13:49 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 25C0 33 KB
11 KB 16ms
14ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1608
x-amz-cf-id: lUZoneXPrERwn7Yud2Fqz4IJDAkNcsGH7XlKlffNcM3RdxO-4aJ79Q==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 25C0 0
336 B 358ms
357ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=twqq6o3xxo&_pv=4&_ls=9&_cc=sg&_pl=d&_b=chrome%40121&_cbid=1v1x&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-t: 0.105
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsavtoC2h8R3gGUZ2MKKb9FQvhWoqQh%2FninzdB4XKOJeeWPUAoHbQSiqmQRBIY8NXm487zRlAhIM%2F7ZbYECZ0oYOSzZAC3Xu54Nk2bFtVuhotpwcZFgHMtIo9hi3qK2O4KGqaB7P91rxn%2Bw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665500f6c5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:12 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 63A1 0
72 B 16ms
16ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:12 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame C463 43 B
573 B 246ms
245ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=907

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

POST
H3 200 a
a.dtssrv.com/ Frame E344 0
416 B 287ms
287ms Ping
text/html 2606:4700:3036::ac43:a392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A01707253979BCFF8072BEF59FBE4F&k=lotpano&v=6c29fc5aadea751b0b1d3620a6efa9fb927a6f2d07eae536a8b443b67554abb9
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRT8z7EZ3%2F5U5a364o9LDWQHTlc3LirebtDcaMiMNaYaV6uI%2FNZZzB0MD3YcKU5xpc0H4WfZBdMB8NOfcnE8AOujyDhcJ2H%2BVaVS8irYtokQrq9N896YCgg%2FIM%2FXYC08Tth%2BIH6YLxercu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 85166550287e3fb6-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame F7FB 2 KB
1 KB 14ms
13ms Document
text/html 108.156.133.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.133.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-133-109.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 5354
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Feb 2024 19:43:58 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ae9942460bc2a5eb14623248b73a3c8a.cloudfront.net (CloudFront)
x-amz-cf-id: b9tU-5lP4SY8qgQNcBDtZVSp6-bIdc-WIjivVzQqiZsEDM6fcjioLg==
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H3

200

/ Show response
vip.badutprediction.info/rekap-angka-ct/ Frame D186
Redirect Chain

https://vip.badutprediction.info/rekap-angka-ct
https://vip.badutprediction.info/rekap-angka-ct/

105 KB
21 KB

247ms
247ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/rekap-angka-ct/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

887e3a4782f6ce4211179fe7cd16687b8f4ac3bbb72807beec77aa8370e96520

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/live-sydney/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:13 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/189>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=189>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:13 GMT
location: https://vip.badutprediction.info/rekap-angka-ct/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 6972 75 KB
76 KB 22ms
21ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225052
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166550498840eb-SIN
cdn-requestpullsuccess: True

GET
H2

200

merge
ce.lijit.com/ Frame D3E5
Redirect Chain

https://um.simpli.fi/lj_match?r=47975
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

202ms
201ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:13 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:13 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 6BB2 15 KB
3 KB 9ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame AC9B 108 KB
13 KB 16ms
13ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame AC9B 227 B
284 B 18ms
15ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame AC9B 2 KB
353 B 19ms
16ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame AC9B 28 KB
8 KB 19ms
16ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame AC9B 86 KB
29 KB 20ms
17ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame AC9B 13 KB
5 KB 30ms
28ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame AC9B 157 KB
26 KB 21ms
18ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567705
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame AC9B 30 KB
7 KB 32ms
29ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048138
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166550c85889a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame AC9B 21 KB
8 KB 24ms
21ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084198
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame AC9B 62 KB
16 KB 22ms
19ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368808
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame AC9B 1 KB
1 KB 759ms
251ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: ce02f63df1192e76c52df28c9fefe73683c7eebeccb01eed81f247a7aa09caf5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:15 GMT
Connection: close
ETag: -641061621
Content-Length: 1131
Content-Type: image/png

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame AC9B 8 KB
2 KB 15ms
8ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame AC9B 6 KB
2 KB 16ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame AC9B 112 KB
34 KB 17ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame AC9B 4 KB
2 KB 21ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H2 200 / Show response
opesia.vip/iframe-live/livesydney2.php/ Frame BEA4 3 KB
1 KB 456ms
404ms Document
text/html 2606:4700:3036::ac43:8f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opesia.vip/iframe-live/livesydney2.php/
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livesd.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db3ca4a564b5eb85bd17a7366b1095f8012e1312bf9a88d806d9253c487a3a7a

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 851665512ccd9f91-SIN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOmh8rUukrbizsyST%2BSk%2BZfif%2F5yHh%2BzJPvktNGDOmRAClhLhrf%2FRra66QWL5%2BEh6gyES2NyBE2N4tIiI7BTGwCOfzXPOdzpi%2BZPlw%2B%2Bea29Tdv4PSfzJEqrxMb6Uu6QeR8i885Z3%2B%2B0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 1C50 11 KB
5 KB 25ms
25ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livesd.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78814
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166550d99c40e8-SIN
content-length: 4547

GET
H2 200 cc_431.js Show response
s10.histats.com/counters/ Frame 4AEB 18 KB
7 KB 32ms
25ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 83853
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166550e99f40e8-SIN
content-length: 7547

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 4AEB 6 KB
3 KB 346ms
339ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-61153650&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442e96bb230c50facdca3ef284ad4a247b89ffac2b1040de9e416c8b9a6cdfd0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-t: 0.204
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E59pa8DE3nu1ntVnNwXq%2FpUCJ%2BomDsXoG%2FTd2lGEpz%2Fy1IjcH86bn4ZHVP1E6CJkDYY12qJNT1EKKcLZhW7d354aPeKwnABGnFZaor%2B%2FRjYtJLoZovc7pciqkusi2GjrX0g1jbJ3DczjOSg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166550efd75f5e-SIN
expires: Tue, 06 Feb 2024 21:13:12 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 0C7B 766 B
1 KB 19ms
13ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648984
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: y0EIoWG6s7De6pOcNc3ttFhINFAk2KKxwd_9LTl_2fInkfWOZlbgrw==

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame 8473 18 KB
5 KB 15ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:13 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 5188 0
72 B 15ms
13ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:13 GMT
content-length: 0
vary: Origin

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame E241 15 KB
3 KB 18ms
17ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame F662 437 B
572 B 958ms
246ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-9675453&@b3:1707253993&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 253b8cbda7d29e9fae09974fcc3a4700eda45e8bf59a07df24237e5f254b6401

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame D426 0
451 B 358ms
351ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-t: 6.48
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dkU71KxaK24dNorEV8Mx6ZxJXf%2FIwbFZ9UV2QKDqitVVH3j%2B685%2Bsfn%2FSE7Y7ZA5zf6WPygitfQXXuCQFYOyQvAnCat9pfi%2F2doszj8ykO%2FevF4aZuiiKD4owTBVxSyCiFDC6qf%2FJonkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 85166551a8c23e01-SIN
expires: Tue, 06 Feb 2024 21:10:40 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame D426 33 KB
11 KB 16ms
9ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1609
x-amz-cf-id: jLVc1l__e7_1nlfw9PDxCVjlBREFTQbGde_jWwCgPBCCriPovxhITw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame D426 0
284 B 338ms
332ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=4&_ls=7&_cc=sg&_pl=d&_b=chrome%40121&_cbid=6mm4&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-t: 0.104
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuG2wMakQ%2FOsT%2FpTjUO9m9uQBxkweYYfyblBMA9TA7rSTaVTU51JrogucZAgVIuRnW9W5KD1C97t4le6H6Ufv0PwQdFujA20brWGmZcQvOJpQ2Exet4k12Ju31b%2F4ptvJLnCLuhF%2BsqkkeE%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85166551a8245f5e-SIN
expires: Tue, 06 Feb 2024 21:13:12 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 28B5 0
320 B 348ms
344ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-t: 8.36
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UGXo2A7ZP%2BFaD3dXhLSPpJpkBQ3kaS5UDsnP%2FqWKKh%2BLebY3eb6toq31JqNhl%2B3jQ06vR6sY2QPTUetAX%2F6KRE8kenB05n6oMQ%2BZNhs2u%2BA3CcRKondjf%2F5JKfDEXyawT3UommEStBCDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 85166551a8c33e01-SIN
expires: Tue, 06 Feb 2024 21:13:49 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 28B5 33 KB
11 KB 14ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1609
x-amz-cf-id: cJbzrR77l0AzLLZ0elMRG0La089JHwI39z5HCMCek-dVeRyVWsOpKA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 28B5 0
283 B 337ms
333ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=1k5shfatpr&_pv=4&_ls=11&_cc=sg&_pl=d&_b=chrome%40121&_cbid=7b7p&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
x-t: 0.089
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oL0umeRPYMz02TL%2BgIFJsuVoSVIGx5Q5iHEW1pemMe9Cm6AVMf4VAqdvuikoFEcOfHjeJiVl%2BUEXT5fRQa7AgxK8ekCZYryj1mhZ3nq%2B3bjvFS1XCeldLqa5e7eKmJhxVfRkOfiQYDEhGd8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85166551a8275f5e-SIN
expires: Tue, 06 Feb 2024 21:13:12 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0E2A 230 B
529 B 8ms
7ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0E2A 231 B
530 B 9ms
8ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 0741 437 B
572 B 842ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-189698119&@b3:1707253993&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 253b8cbda7d29e9fae09974fcc3a4700eda45e8bf59a07df24237e5f254b6401

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:14 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 874B 5 KB
2 KB 7ms
6ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1443
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: gjsU9ciczOopRjmDpVfS9kT_3r1xVXEW_RSZjP-VRI1FYSP28HaiPA==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 0F3C 5 KB
2 KB 6ms
5ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1443
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Nsp5nzkkmrg1Rm2WrwJsxm4zBp_hBtjn4BYEU0aiKjc97nbb1Se44Q==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 0B17 43 B
573 B 245ms
245ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=34267

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H3

200

/ Show response
vip.poltar2d.info/prediksi-china/ Frame 0DB3
Redirect Chain

https://vip.poltar2d.info/prediksi-china
https://vip.poltar2d.info/prediksi-china/

103 KB
24 KB

54ms
54ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/prediksi-china/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

38d170f89cdc907197874054154fc4c6005d78bd7bf77d96c290b6d401275256

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/paito-warna-japan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:13 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/93>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=93>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:13 GMT
location: https://vip.poltar2d.info/prediksi-china/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame DD1E 43 B
573 B 238ms
237ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=67715

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/kalkulator-invest/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 4672 85 B
482 B 9ms
8ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zona88.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606837
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: bwelMq9rUJOSQ_PQUSr_mPk9dM-S0ALkTe9bwb3qJpLABrP2PmWd0g==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 43CC 43 B
573 B 242ms
242ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=34481

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:13 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame F711 85 B
481 B 10ms
10ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606837
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: NssQvfVNrYFtVfrS586cpV2gL81AM6lkcTRPiLRb8Yl5QtAe8kzuHg==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

200

merge
ce.lijit.com/ Frame 86D0
Redirect Chain

https://um.simpli.fi/lj_match?r=24617
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

203ms
203ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:13 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:13 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 6B81 0
145 B 246ms
246ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=16885&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2D9E22AFC73D457DB08305A60F58D768 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQvS6u/MxK/yNNVIMA==

GET
H/1.1

200
OK

/ Show response
ps.eyeota.net/pixel/bounce/ Frame 63A1
Redirect Chain

https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0

761 B
1 KB

15ms
15ms

Script
application/javascript

54.251.140.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Server: 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: fd0c282cfd620e7ad9c50bd0df45d66fa708388329fd0900c17d46842991b2b0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Tue, 06 Feb 2024 21:13:14 GMT
Content-Length: 761
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Date: Tue, 06 Feb 2024 21:13:13 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 / Show response
opesia.vip/iframe-live/livesydney2.php/ Frame A3AF 3 KB
1 KB 387ms
387ms Document
text/html 2606:4700:3036::ac43:8f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opesia.vip/iframe-live/livesydney2.php/
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livesydney.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db3ca4a564b5eb85bd17a7366b1095f8012e1312bf9a88d806d9253c487a3a7a

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85166552bdd99f91-SIN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg%2FTDLTpUXw5Eo5SSbZr1Dt6uyg%2FQvtpDiJiEGFgSuxXNxDP97SY79pP1P1%2Bm5ShGVLQ1FlITvBPNnrFvHkfAnOzy9tvndvZhHYLaS3evkr2a2trJSekCC4yphLastA5vstsJ5Ppuzif"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame EEF1 11 KB
4 KB 18ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livesydney.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78814
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166552cad340e8-SIN
content-length: 4547

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame 8473 436 B
571 B 724ms
243ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:21432468&@b3:1707253994&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: f49b4a693887bb7f3e7dfd9e6d3ab522c0f9db91ff521f9e88526dc819682fba

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:14 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame B639 11 KB
4 KB 21ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78814
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665540c3a40e8-SIN
content-length: 4547

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 6BD6 230 B
529 B 15ms
15ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 6BD6 231 B
530 B 15ms
15ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 60E5 11 KB
4 KB 23ms
22ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78814
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665543c6040e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 6DA1 10 KB
2 KB 14ms
13ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:13 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 60E5 75 KB
76 KB 17ms
17ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225052
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665546d5d40eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 6972 18 KB
5 KB 10ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:13 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 34D9 11 KB
5 KB 12ms
12ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78815
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665578e1540e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 85D3 10 KB
2 KB 16ms
15ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:14 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame FBEB 5 KB
2 KB 12ms
11ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1444
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Smv5fFL1_SR9LAk0SPqChAHT7gE7Rt4-9_-GVQyoHtYgol_hw8V3uw==

GET
DATA 200
OK truncated
/ Frame 6C18 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E567 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 34D9 75 KB
76 KB 15ms
15ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225053
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166557d83440eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame EF1B 16 KB
6 KB 21ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13076
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665585e8440e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame EF1B 6 KB
3 KB 373ms
372ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%204D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:40543754&@b3:1707253991&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02cc4093ce906ac596cd4ff4bfb895a9b197c61a98508c5b6a69d6729286761a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
x-t: 0.254
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB9jgiV4lz60OjxIG3V8bGnHGf9Qxh6MRLIGhdgjx2JDiWJsf6T2j0qWAYeBl16tHWgZfsmBAa5PeK06B56PaB4llhmbFaEbNdJIBrSIIwuLY1hYi5ztfzqnpYfJz09By6x9wuiMdTSPC4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665585ce25f5e-SIN
expires: Tue, 06 Feb 2024 21:13:13 GMT

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 0E2A 16 KB
6 KB 21ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13076
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665585e8940e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 0E2A 6 KB
3 KB 372ms
371ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%204D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:127406741&@b3:1707253992&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87e4ee75c9f4f01d4ff65df767333143ec7149b9d31de45b84a4a885a74365ae

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
x-t: 0.226
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3j3KMMLUEirTwukUIpp5tlF2Ls1D%2FxmhPhTVHbwRa%2FcbIZ%2F43P5ZxQd99ZDkqWyGUul5JaCuVT6vyzxk8LgXSgWLSFwp1ALneU5me9USeof3NCe9sZWHW3QJaxTTBPePSvq0JJanwWtkyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665586ce65f5e-SIN
expires: Tue, 06 Feb 2024 21:13:13 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 4672 766 B
1 KB 13ms
13ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648985
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: yT7qj7F01qDuTPr005256bo_ssR8ti11d-dRk2sP2t77O6gLWThj0w==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 538B 0
159 B 247ms
247ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=65142&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D8C11350E6FF4D058C06B12389029F8E Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQvhQ2u3YQXdh1RQMg==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame F711 766 B
1 KB 13ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648985
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: t-yZAXnSZVOySna_pck7cKGA5qOKWIxjbNJw9OFoDuuP1ADpLfzzEA==

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 0DB3 108 KB
13 KB 15ms
15ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 0DB3 227 B
291 B 39ms
35ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 0DB3 2 KB
353 B 40ms
36ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 0DB3 28 KB
8 KB 41ms
37ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 0DB3 86 KB
29 KB 39ms
35ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 0DB3 13 KB
5 KB 78ms
75ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 0DB3 157 KB
26 KB 15ms
12ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567706
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 0DB3 30 KB
7 KB 25ms
22ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048139
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166558bd1189a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 0DB3 21 KB
8 KB 18ms
15ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084199
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 0DB3 62 KB
16 KB 20ms
17ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368809
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 0DB3 3 KB
1 KB 35ms
31ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0DB3 8 KB
2 KB 14ms
6ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0DB3 6 KB
2 KB 16ms
8ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0DB3 112 KB
34 KB 17ms
8ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 0DB3 4 KB
2 KB 19ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame D186 108 KB
13 KB 19ms
15ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame D186 227 B
271 B 22ms
17ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame D186 2 KB
374 B 22ms
17ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame D186 28 KB
8 KB 39ms
35ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame D186 86 KB
29 KB 58ms
54ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame D186 13 KB
5 KB 54ms
50ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame D186 157 KB
26 KB 22ms
18ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567706
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame D186 30 KB
7 KB 32ms
29ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048139
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166558dd1589a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame D186 21 KB
8 KB 24ms
20ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084199
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame D186 62 KB
16 KB 25ms
21ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368809
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame D186 1 MB
0 26ms
22ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame D186 43 B
182 B 266ms
265ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:16 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame D186 3 KB
1 KB 68ms
66ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame D186 8 KB
2 KB 12ms
10ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame D186 6 KB
2 KB 12ms
10ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame D186 112 KB
34 KB 13ms
12ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame D186 4 KB
2 KB 42ms
41ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:16 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame CEBC 0
72 B 19ms
18ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bungaprediction.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:14 GMT
content-length: 0
vary: Origin

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame C463 0
181 B 248ms
247ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=60933&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F5E52B2A58D940388E416110EF14B961 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQvjD4WfiKBM3O3MeA==

GET
H2 200 jquery-3.1.1.js Show response
code.jquery.com/ Frame BEA4 261 KB
77 KB 49ms
13ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.js
Requested by: Host: opesia.vip
URL: https://opesia.vip/iframe-live/livesydney2.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d7a71d3dd740e95755227ba6446a3a21b8af6c4444f29ec2411dc7cd306e10b0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://opesia.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2982221
x-cache: HIT, HIT
content-length: 78665
x-served-by: cache-lga21952-LGA, cache-qpg1222-QPG
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707253994.486551,VS0,VE0
etag: W/"28feccc0-413ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 9752, 149

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame D3E5 43 B
573 B 244ms
244ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=33607

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 0479 85 B
481 B 14ms
13ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606838
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: 53uqBckHHHYN0tiaCeAGTDkB6SfXioja6r7BiDRO_PaVA3d61RF0Ug==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame C51B 169 B
451 B 209ms
204ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.roomangkasa.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame AB2A 43 B
573 B 245ms
242ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=27029

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 2FCB 43 B
573 B 254ms
252ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=56181

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 799A 0
467 B 290ms
289ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
x-t: 2.42
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFbj7CFp9kWPA1b%2FgSIRrjizflmKIM9oCNEgXV875PuLb295hGv5YP9XsGV5Yjx9IBqPhqeqshyee4M4MsJ8Xuu6sdMnDlOcXkPYjhL7XI6JA5YjTynNW5%2BhdjGZd95Sc1u86mePfqJgyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 85166559ade73e01-SIN
expires: Tue, 06 Feb 2024 20:19:06 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 799A 33 KB
11 KB 58ms
57ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1610
x-amz-cf-id: Nj_0qbHxV7x4quyi8xS8CtAT7IRX7k073NxpqNQs93dwGe7urUW5_A==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 799A 0
288 B 373ms
372ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=5&_ls=9&_cc=sg&_pl=d&_b=chrome%40121&_cbid=2kwt&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
x-t: 0.092
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jomK0mLypDORxevxkHur5UyCRF%2B%2Ft%2BmV4X%2FHeVp%2B1cxdBS2fOjDbf9sg0sNbDz5btOImWlBNDGVf08Ry23i6Rf3mxQIbHx8RvcrKRJbQzQC09qcvPpurmmIDqN1LI9WP%2Fq49CWFQ3ldBuA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85166559ae065f5e-SIN
expires: Tue, 06 Feb 2024 21:13:13 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6C18 0
567 B 370ms
368ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
x-t: 0.88
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BP96BbNUvrpOoNLDV2RpF7YoqkpYH%2Fw%2Fqwr808eliMz4pMpTJEu2GbWUp9U9s2JMeBG%2Fw7Pl39R2iDGv%2F1142eTxTQ90sYe4o9xomSNJpd%2BnvK%2FPQLdQnyNEHatgvx9km483YaUDwSfrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85166559adec3e01-SIN
expires: Tue, 06 Feb 2024 18:52:45 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6C18 33 KB
11 KB 64ms
62ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1610
x-amz-cf-id: NSj7lAehFjCF-HlPCYD5WaMjLM6gP6qRJnW5WZxnWx-wcU1OVXlQrw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6C18 0
287 B 374ms
373ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=6&_ls=9&_cc=sg&_pl=d&_b=chrome%40121&_cbid=6z0d&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
x-t: 0.11
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35wr3bRyImR5px6mrSuc9EdCx5sagYW35AnCPgvGhlgn5VBONpSIGE66lpHah6BW0OQKgUn%2BEQpt02MTJ8EfTjOaCtmcHxWWLLHgmDW64Z9aMt7ajdJjXjfHorwJ8j5aGZvXvLPDTbEQYz4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85166559be095f5e-SIN
expires: Tue, 06 Feb 2024 21:13:13 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 283A 169 B
451 B 214ms
213ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 039F 169 B
453 B 213ms
213ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H3

200

/ Show response
vip.poltar2d.info/rekap-angka-3d/ Frame 5B15
Redirect Chain

https://vip.poltar2d.info/rekap-angka-3d
https://vip.poltar2d.info/rekap-angka-3d/

117 KB
27 KB

52ms
51ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/rekap-angka-3d/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

c0830ef21d7158fbde0316ae588e121d0fe6721e3bd43bd4457d411b12e23ba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/pola-dasar/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:14 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/151>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=151>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:14 GMT
location: https://vip.poltar2d.info/rekap-angka-3d/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
DATA 200
OK truncated
/ Frame 9885 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 6DA1 15 KB
3 KB 11ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 3D28 437 B
572 B 753ms
252ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-139893138&@b3:1707253995&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 253b8cbda7d29e9fae09974fcc3a4700eda45e8bf59a07df24237e5f254b6401

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:15 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 jquery-3.1.1.js Show response
code.jquery.com/ Frame A3AF 261 KB
77 KB 12ms
10ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.js
Requested by: Host: opesia.vip
URL: https://opesia.vip/iframe-live/livesydney2.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d7a71d3dd740e95755227ba6446a3a21b8af6c4444f29ec2411dc7cd306e10b0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://opesia.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2982221
x-cache: HIT, HIT
content-length: 78665
x-served-by: cache-lga21952-LGA, cache-qpg1222-QPG
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707253995.631175,VS0,VE0
etag: W/"28feccc0-413ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 9752, 150

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 749B 43 B
573 B 238ms
237ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=86733

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2

200

sovrn_standalone_beacon.js Show response
cdn.lijit.com/www/sovrn_beacon_standalone/
Redirect Chain

https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
https://cdn.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js

21 KB
21 KB

89ms
26ms

Script
text/javascript

13.227.254.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 13.227.254.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-7.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b06ca55c1eb4674bf666bee6cd0193d8e72d3ed8535b7b5df6160e0391d84fc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:52:39 GMT
via: 1.1 20bb709a751569d186bca51c132b4c86.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 17:32:11 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 1236
x-amz-server-side-encryption: AES256
etag: "b4ecf05fe49c7d270978fd43997bee50"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 21172
x-amz-cf-id: Lm8AFG61vWrW_JGRnGDLrjkJuq-N_QO7uWnXU0heoywyWJ5BhkzT8A==

Redirect headers

location: https://cdn.lijit.com:443/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
date: Tue, 06 Feb 2024 21:13:14 GMT
server: awselb/2.0
content-length: 110
content-type: text/html

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame DE84 43 B
573 B 247ms
247ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=34070

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 0B17 0
144 B 242ms
241ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=51761&pu=https://vip.poltar2d.info/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A3229E1AE4A54916AA5D13C9A6212FBE Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQvl+HsD2o3Wects1A==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 5188 0
72 B 20ms
20ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:14 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 86D0 43 B
573 B 242ms
241ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=41753

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame E969 85 B
481 B 17ms
16ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606838
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: _7QDhLQiju32pEJak0mfjQR-u8h_EXoG8TiCwlEE2nhtyt-xlwHktA==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

200

merge
ce.lijit.com/ Frame 6B81
Redirect Chain

https://um.simpli.fi/lj_match?r=93377
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

205ms
205ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:14 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:14 GMT

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 6972 438 B
573 B 728ms
242ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20JAPAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-147117061&@b3:1707253995&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 35003430f8e39078c9a00375d5611e004a8d187f4d4cbd16bb8dddbf340bfd21

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2407 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 9885 0
442 B 276ms
274ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&r=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
x-t: 1.16
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VurPtHE6TTlGM8dFqZP1xMPNeJQJaKc24OtMUGY4M5N2vvAVRyfekgr34c96r08TImrrNIf%2FPqhUemNLhD%2F3h%2Bjmm80e%2B7MuD%2F4XsSftMwvHtvg4hsPhx13d8ya99KWZwwb0TyLxkBptQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 8516655b5ef63e01-SIN
expires: Tue, 06 Feb 2024 20:19:07 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 9885 33 KB
11 KB 16ms
15ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1610
x-amz-cf-id: 2aFl2NV0dPrnxQUG48O8iu3riPBHH-lcL-BFRwYXCr4PLR84Z0j0jg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 9885 0
349 B 340ms
339ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=6snwpnk6n2&_pv=5&_ls=13&_cc=sg&_pl=d&_b=chrome%40121&_cbid=128w&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
x-t: 0.084
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPXSjGVXCY2An7GOkexjufjSz3mTaWPrvdx4UFuPx2EiKcaZPe2GzjZbxn5veA4wuNWjuzjn8sda4eNUna54ZsZDHg6ho%2BfJmqlkcuZ%2F%2FATneejEKQ4C7Ttj5a0BT%2F02IRdLuwnOQSfvxGk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516655b6ef85f5e-SIN
expires: Tue, 06 Feb 2024 21:13:14 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 85D3 15 KB
3 KB 9ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/live-china/ Frame 74E9
Redirect Chain

https://vip.poltar2d.info/live-china
https://vip.poltar2d.info/live-china/

100 KB
24 KB

52ms
51ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/live-china/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

0e464e1c6f699fb837c3f0168169dd1a2564765cdecb33a17c349f9088cb7aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/paito-warna-taiwan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:14 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/274>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=274>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:14 GMT
location: https://vip.poltar2d.info/live-china/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame 2394 435 B
570 B 746ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20SYDNEY%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-126717447&@b3:1707253995&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Flive-sydney%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 7437a158a1955c5377fcfe87d2f824cb0552e91bb895ef42c06f7a62c43ce9b0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:15 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6BB2 11 KB
4 KB 20ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78815
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516655bba2b40e8-SIN
content-length: 4547

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame 2394 18 KB
5 KB 8ms
8ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:14 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 43CC 0
72 B 13ms
12ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.badutprediction.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:14 GMT
content-length: 0
vary: Origin

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 0479 766 B
1 KB 15ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648985
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 2bAqopuUDw5SG4bUyUZAlm5YJnSGih1Iza3IKZbPE2r1Af4Qnj_BeQ==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
72 B 16ms
14ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.disksusiangka.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:14 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 63A1 0
72 B 15ms
14ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:14 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame E344 0
72 B 15ms
14ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:14 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame B318 0
72 B 15ms
14ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:14 GMT
content-length: 0
vary: Origin

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 5B15 108 KB
13 KB 13ms
11ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 5B15 227 B
321 B 17ms
12ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 5B15 2 KB
353 B 18ms
13ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 5B15 28 KB
8 KB 24ms
19ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 5B15 86 KB
29 KB 28ms
23ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 5B15 13 KB
5 KB 45ms
40ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 5B15 157 KB
26 KB 17ms
13ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567707
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 5B15 30 KB
7 KB 29ms
25ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048140
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516655cefc189a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 5B15 21 KB
8 KB 19ms
15ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084200
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 5B15 62 KB
16 KB 21ms
16ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368810
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame 5B15 82 KB
29 KB 25ms
12ms Script
text/javascript 2404:6800:4003:c1c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 17:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Feb 2025 17:34:48 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 5B15 3 KB
1 KB 47ms
43ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 5B15 8 KB
2 KB 17ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 5B15 6 KB
2 KB 20ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 5B15 112 KB
34 KB 21ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 5B15 4 KB
2 KB 49ms
42ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H/1.1 200
OK 4585452.php Show response
s4.histats.com/stats/ Frame 1C50 436 B
571 B 735ms
242ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:87579230&@b3:1707253995&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivesd.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 24f3487afd7d51ae97535ec4e19613f6e0d8e9faf0fde31c86da0d2a756606b3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:15 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame AC9B 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame E567 11 KB
5 KB 21ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78816
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516655d8b0c40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame DF4B 10 KB
2 KB 12ms
12ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:15 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame E241 11 KB
4 KB 18ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78816
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516655d9b1340e8-SIN
content-length: 4547

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame E969 766 B
1 KB 14ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648986
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 7DghJ-Ak_FUAjULB-lvhYmc02J6ox_tuJAzvcedjZlzfMYIsa3sIMg==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 2407 11 KB
4 KB 22ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78816
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516655dab1e40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 308A 10 KB
2 KB 10ms
10ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:15 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 8C8A 43 B
573 B 238ms
237ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=17079

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:15 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 34D9 18 KB
5 KB 10ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame E567 75 KB
76 KB 18ms
18ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225054
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516655f2ec240eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 2407 75 KB
76 KB 25ms
24ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225054
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516655f3eea40eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame E86F 5 KB
2 KB 11ms
10ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1445
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: iPsrU9hrcaPv5ic3ppyf-HCrFLUP_BNAGZuhdOhGIgejCXmer_WgEA==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 25C0 5 KB
2 KB 9ms
9ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1445
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: c5NK0eHwjgl3ivmgFwbPmqCvF9pJBMCHnMt6Cv0YPFlGmZ1CNwhy3A==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame D157 43 B
573 B 242ms
241ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=3663

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:15 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 874B 169 B
449 B 207ms
206ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 0F3C 169 B
454 B 208ms
207ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 8B6D 18 KB
8 KB 27ms
22ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44479
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665602caa40e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 8B6D 6 KB
3 KB 365ms
360ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-145814078&@b3:1707253992&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c35bc05abb647a7ac7453f61e4d21001edb687c45aa6e5d1657f40152ea2a1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
x-t: 0.219
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLXH6P9BHHdgj0VQ%2F5vWAfOfjI0S9ZBLNP4AxXDuvuh74jEHSPbv52UJ0WoI9pGoYYxiSdYFSZgLkxtargZ4wf7IgRMdaUX1JXgNM%2BDEg2U8tFjLsQi9PG8LgQ25r2njWbT24VwLQ0zTruI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516656029bf5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:14 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 5ED2 22 KB
12 KB 29ms
24ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72170
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665602cab40e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 5ED2 6 KB
3 KB 344ms
339ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-51636795&@b3:1707253992&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4f09d02b6820063afc04d9fa999acdfc29c7674e778c610ab7ab985e0b67f1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
x-t: 0.214
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxMevWpPNhKDVokIxvTMO2SsRn8l4OgKdGLQv8y8i4cVdSr6vMIa3xhZ6C98KHMESgHv83t%2F9zpJiovpRYk%2FaygLb60SWIrgU9gxkvKmvdCuQEiJ%2FH5qzk%2BqY%2B1%2BVAxXBfefVWb7sOQIpbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516656029c35f5e-SIN
expires: Tue, 06 Feb 2024 21:13:14 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 538B
Redirect Chain

https://um.simpli.fi/lj_match?r=111
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

233ms
232ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:15 GMT

GET
H/1.1 200
OK 4585452.php Show response
s4.histats.com/stats/ Frame EEF1 436 B
571 B 757ms
248ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:130640683&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 24f3487afd7d51ae97535ec4e19613f6e0d8e9faf0fde31c86da0d2a756606b3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:16 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 74E9 108 KB
13 KB 17ms
12ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 74E9 227 B
273 B 19ms
14ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 74E9 2 KB
353 B 20ms
15ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 74E9 28 KB
8 KB 21ms
16ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 74E9 86 KB
30 KB 22ms
17ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30412
expires: Tue, 13 Feb 2024 20:52:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 74E9 13 KB
5 KB 34ms
29ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4870
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 74E9 157 KB
26 KB 22ms
17ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567707
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 74E9 30 KB
7 KB 34ms
30ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048140
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665606a7489a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 74E9 21 KB
8 KB 24ms
21ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084201
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 74E9 62 KB
16 KB 25ms
22ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368810
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 74E9 3 KB
1 KB 47ms
44ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 74E9 8 KB
2 KB 27ms
19ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 74E9 6 KB
2 KB 27ms
19ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 74E9 112 KB
34 KB 28ms
20ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 74E9 4 KB
2 KB 46ms
38ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H2

200

merge
ce.lijit.com/ Frame C463
Redirect Chain

https://um.simpli.fi/lj_match?r=87864
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

200ms
199ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:15 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 4AEB 0
448 B 360ms
356ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-t: 1.62
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvFpqV468rIIVfxsKslmq5ldPBIms2vQYU0TJ940zBzslvtgr19aVwBOHF4SJ1VyyJoNeDYkqXwYVnEDJT8lyoOOBooCf%2FUhhIVmx9RZG9qDr8om1qYZqxjPV2Ef561ijk9DxAcQdqWzrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 851665610a753e01-SIN
expires: Tue, 06 Feb 2024 18:52:46 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 4AEB 33 KB
11 KB 15ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1611
x-amz-cf-id: CDPQcMLXsjr8AzH-tKvfuRm0Ma35QAn3EAUFb5CIQOvm4MbN3or6uA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 4AEB 0
313 B 373ms
370ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonafantasi.info&_ss=woyan4849m&_pv=4&_ls=13&_cc=sg&_pl=d&_b=chrome%40121&_cbid=7fqh&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-t: 0.086
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxxohc7whMnTy7FCgFc%2FCHToBISjWPq7AZGhyuipjryx2rVKSI74WLrQh4CQW%2BYYtAfZCJRB%2FVVQFCSHl%2F6Bm9oMzCkuDdmZUhC9HLTDL%2BfciB25yj7pdYnJtQlg%2FE3SbV64nWxtfHPeKf0%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665610a285f5e-SIN
expires: Tue, 06 Feb 2024 21:13:14 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame AC9B 11 KB
4 KB 20ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78816
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665611d9e40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.zonafantasi.info/ Frame 355D 12 KB
2 KB 13ms
13ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:15 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 60E5 18 KB
5 KB 12ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:15 GMT

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 730ms
243ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:7427746&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:16 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 740ms
250ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:99853230&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:16 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 748ms
252ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:125208850&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:16 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 773ms
259ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-79427379&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:16 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 757ms
245ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-69793179&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:16 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 1325ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-108840341&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:16 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 806ms
246ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-135701311&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 794ms
244ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-152398680&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 797ms
251ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-93534201&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 1323ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-19551100&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 1516ms
244ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-75330808&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 968ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:33503707&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 765ms
246ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:152313412&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 766ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-172291513&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 775ms
253ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:17103790&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame B639 439 B
574 B 990ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-14110283&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 60E5 438 B
573 B 1513ms
241ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPOLA%20DASAR%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-134219354&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 3dd9bab6b70d97ac3b4d04e6f0a4a097db2f7637a025f1c7fbe7423498c179ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame AB2A 0
145 B 321ms
315ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=44566&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 677FA710C91446D2AE9AA9F7F82D6151 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQv25F0167kxrywB4Q==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 2FCB 0
146 B 244ms
241ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=83638&pu=https://vip.poltar2d.info/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 336397A6A15E452B9059B9F94BFC49BA Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQv25miM85fhzEQkNg==

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame AC9B 75 KB
76 KB 22ms
21ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 465134
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0c4f1d4ee3f7913748b6627f04107416
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166561988440eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 6972 230 B
529 B 12ms
12ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 6972 231 B
530 B 13ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 6BD6 16 KB
6 KB 32ms
31ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13078
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665632f2b40e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6BD6 6 KB
3 KB 374ms
374ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20ANGKA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-56385721&@b3:1707253993&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08e32e2771c1c7e774b70eedb3a09bbbfa232937feae7de416e7a90853922b11

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-t: 0.223
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3L9NkeGii4m4A5%2B3S2GiHOuz%2FoXpnZZxs5V%2Fu7S8vcZxdwY2iIge2FCEgitcS933DZ1l1Fol%2BJ%2FHFuj0%2FWRWslv12qnnygjuHJpj5Q%2F8XG0bIssjE0rlaKeZs%2FtvIaCeiArBD7wJBePsvyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665632b565f5e-SIN
expires: Tue, 06 Feb 2024 21:13:15 GMT

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame F662 18 KB
8 KB 28ms
27ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44480
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665632f2c40e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame F662 6 KB
3 KB 382ms
381ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-9675453&@b3:1707253993&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 319d6c1ad63b93da1b020b7962ed28d1aaf3f90efa8f2ae744ad675739e66fd2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-t: 0.232
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bX0D%2B9mNRaiwKTIfBe0mBWQKFhL2QJ0ZyIea6aI6gAurZfKn%2BU46WS4WvKRbhIyOC1L%2Fp3MmkPUzX3kUFSzYglEYNMfPbcruzJEx7YQ2Kq%2FmgZI6%2BtLioLb5j9SMOHaAdhpxZ%2FyMaoyvofM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665632b585f5e-SIN
expires: Tue, 06 Feb 2024 21:13:15 GMT

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 0741 18 KB
8 KB 28ms
27ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44480
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665632f2d40e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 0741 6 KB
3 KB 341ms
341ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-189698119&@b3:1707253993&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e40f30447b071714cf1cdf5039293c0cd4bbc0d2f793b7f2fe3a7cbe88a0a4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-t: 0.226
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2Bfeh3FpCzuV8SyjjKYmXFpoBo8%2Fo8z6YAkenVDJ6KtJV%2FBoHCfrC4Q51h5j9Sa%2BdrGcRefa2XtOrD355HXOtQo%2FkYO5SAlz8%2BL6lZdnB4JxMFR55%2FuhL6csLCapQIjSXHDHSreUOGGm44Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665632b5b5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:15 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 749B 0
146 B 249ms
248ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=18758&pu=https://vip.poltar2d.info/live-china/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 14E765DCB09F43EE8C2DCC4B434602DA Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQv7UWTm6BBJWPKk3A==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame DE84 0
182 B 316ms
315ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=27379&pu=https://vip.badutprediction.info/jalur-shio/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4AC279E0CB9B48929C61EBC176953554 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQv7UCIF8vIZgExqkA==

GET
H2

200

merge
ce.lijit.com/ Frame 0B17
Redirect Chain

https://um.simpli.fi/lj_match?r=34553
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

209ms
208ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:16 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame D426 5 KB
2 KB 18ms
18ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1446
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: vZxQdnWnKGLh8RFPfZY7jDG--yB1HZvsyOT9MogZAPeHasChhzJlqQ==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame DF4B 15 KB
3 KB 12ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 6B81 43 B
573 B 238ms
237ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=76548

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:16 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame C5A1 85 B
482 B 16ms
15ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606840
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: XbcieXziPpwaL0NxXKXA-d2qAMeDTpTIkyDZ1wbnitpEvoqi2uH-pg==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 308A 15 KB
3 KB 10ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 28B5 5 KB
2 KB 16ms
16ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1446
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 2ncHBDCrF9Pc9lk-jELJeRcjMz4edE1el127n_4GhtTQVSt1nJYjAA==

GET
H3 200 / Show response
vip.poltar2d.info/buku-mimpi-2d/ Frame BF22 116 KB
28 KB 57ms
57ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/buku-mimpi-2d/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

28e412b7f4102bc5be898433e7787f7ff64620ff003a0d7f9c6086f9e8ea0bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/paito-warna-cambodia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:16 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/216>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=216>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

GET
H3

200

/ Show response
vip.poltar2d.info/generator-line-angka/ Frame 0DB6
Redirect Chain

https://vip.poltar2d.info/generator-line-angka
https://vip.poltar2d.info/generator-line-angka/

102 KB
24 KB

62ms
61ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/generator-line-angka/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

130640d6a63e2fbe7054453ac6d567707cec9e2ee2e5d19b6431671a9b79eb77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/buku-mimpi-2d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:16 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/159>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=159>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:16 GMT
location: https://vip.poltar2d.info/generator-line-angka/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame DD1E 0
72 B 19ms
18ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zona88.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:16 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 34D9 438 B
573 B 1032ms
243ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20TAIWAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:110261908&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 3dd9bab6b70d97ac3b4d04e6f0a4a097db2f7637a025f1c7fbe7423498c179ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame FBEB 169 B
451 B 208ms
208ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonafantasi.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 8473 13 KB
4 KB 23ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 69704
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665648ff240e8-SIN
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 8473 6 KB
3 KB 376ms
375ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:21432468&@b3:1707253994&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f9a09217433a0218952593cd0fb68a7ff5bd67203fcfc375666e3e746d97b5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
x-t: 0.195
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMqSCaVJv1MSU66nBp2aiu2d4GWXCR52UNajOPEIFawHGK8tPyGB4W2Aws8j0YSfZFSEtbspMtA2EG1p9DCz74ozxxAjfcGn6RKW4171plw%2FyZE7M2SbZZOluFx0rUi%2B50lO6bRduIxG0HE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665649bfa5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:15 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 63A1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mi10OVRDeVRWM2ZuR3JRcmxxSUdFUVV0TEZqZTNpNlZOMlZob1pwb2FjMGM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEArJvjzU9htlupBp03jnPS8&google_cver=1

70 B
440 B

13ms
12ms

Image
image/gif

54.251.140.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEArJvjzU9htlupBp03jnPS8&google_cver=1
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Server: 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 21:13:16 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEArJvjzU9htlupBp03jnPS8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 63A1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=007f78be-91e5-4d54-8874-1e9e2f52bb83&bid=1e2n4ou

70 B
440 B

37ms
13ms

Image
image/gif

54.251.140.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=007f78be-91e5-4d54-8874-1e9e2f52bb83&bid=1e2n4ou
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Server: 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 21:13:16 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=007f78be-91e5-4d54-8874-1e9e2f52bb83&bid=1e2n4ou
date: Tue, 06 Feb 2024 21:13:16 GMT
server: Kestrel
content-length: 191

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 63A1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=ZcKg4gAAAeT8dABj&bid=0rijhbu&referrer_pid=51md42u

70 B
440 B

14ms
13ms

Image
image/gif

54.251.140.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=ZcKg4gAAAeT8dABj&bid=0rijhbu&referrer_pid=51md42u
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Server: 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 21:13:16 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by: cache-qpg1276-QPG
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1707253996.262946,VS0,VE0
x-cache: HIT
location: https://ps.eyeota.net/match?uid=ZcKg4gAAAeT8dABj&bid=0rijhbu&referrer_pid=51md42u
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 63A1
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Ki2E6tZE2pWtIIp1Kon_iZsmMaOvKlLgi0Q-~A

70 B
440 B

13ms
13ms

Image
image/gif

54.251.140.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Ki2E6tZE2pWtIIp1Kon_iZsmMaOvKlLgi0Q-~A
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Server: 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 21:13:16 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Ki2E6tZE2pWtIIp1Kon_iZsmMaOvKlLgi0Q-~A
date: Tue, 06 Feb 2024 21:13:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 63A1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=7381708761601567904&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

36ms
12ms

Image
image/gif

54.251.140.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=7381708761601567904&bid=2cr76e1&referrer_pid=51md42u
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Server: 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 21:13:16 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:16 GMT
an-x-request-uuid: bab7be3a-e789-4815-8219-95602a6720a9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ps.eyeota.net/match?uid=7381708761601567904&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin: 209.58.162.239; 209.58.162.239; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 8C8A 0
360 B 284ms
283ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=99203&pu=https://vip.poltar2d.info/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 536636F372EF46D3BBF86A0093C9DDFA Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQwCMe+sQKoi4foQ4g==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 355D 15 KB
3 KB 19ms
18ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/prediksi-sydney/ Frame A20E
Redirect Chain

https://vip.poltar2d.info/prediksi-sydney
https://vip.poltar2d.info/prediksi-sydney/

698 KB
70 KB

58ms
58ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/prediksi-sydney/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

0f4994428821c42af72d0508df18a609b56c3c635c3a128776c1a2e0763a3f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:16 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/55>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=55>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:16 GMT
location: https://vip.poltar2d.info/prediksi-sydney/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
DATA 200
OK truncated
/ Frame EF1B 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0E2A 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame D186 135 KB
135 KB 19ms
18ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6DA1 11 KB
5 KB 26ms
25ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78817
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665671a3940e8-SIN
content-length: 4547

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame D157 0
145 B 250ms
249ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=98623&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0122198D29E34AE9BFBFD9965E2D8793 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQwH6bKVXWygcnVvgw==

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame E567 18 KB
5 KB 68ms
68ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:16 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 538B 43 B
573 B 244ms
243ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=78827

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 77A9 85 B
483 B 12ms
11ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606841
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: O_vaB4YWiFHlz8OZNanwkkQSOAGNrf0G7g4OnUvA0YVNuPEh9o6wUg==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame C463 43 B
573 B 249ms
248ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=59248

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 4EF3 85 B
481 B 12ms
12ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606841
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: 11ZNkdYciiEphnUINliZoKSx5K6uycdfa-1_zqejEd8OBimzTAqRdQ==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame C5A1 766 B
1 KB 13ms
13ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648988
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: oaRgdM11yRvUNZehqJv87nldSCK7qG8KY5ykWb9kdT96M9VvoeB8jA==

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame BF22 108 KB
13 KB 25ms
24ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame BF22 227 B
273 B 29ms
26ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame BF22 2 KB
353 B 29ms
26ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame BF22 28 KB
8 KB 30ms
28ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame BF22 86 KB
29 KB 67ms
65ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame BF22 13 KB
5 KB 113ms
111ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame BF22 157 KB
26 KB 35ms
33ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567709
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame BF22 30 KB
7 KB 42ms
40ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048142
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516656c497789a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame BF22 21 KB
8 KB 38ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084202
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame BF22 62 KB
16 KB 40ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368812
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame BF22 3 KB
1 KB 36ms
27ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame BF22 8 KB
2 KB 21ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame BF22 6 KB
2 KB 22ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame BF22 112 KB
34 KB 22ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame BF22 4 KB
2 KB 37ms
25ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 0DB6 108 KB
13 KB 53ms
50ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 0DB6 227 B
246 B 84ms
80ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 0DB6 2 KB
349 B 84ms
81ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 0DB6 28 KB
8 KB 84ms
81ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 0DB6 86 KB
30 KB 130ms
127ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30412
expires: Tue, 13 Feb 2024 20:52:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 0DB6 13 KB
5 KB 126ms
123ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4870
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 0DB6 157 KB
26 KB 41ms
39ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567709
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 0DB6 30 KB
7 KB 48ms
46ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048142
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516656c598189a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 0DB6 21 KB
8 KB 45ms
43ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084202
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 0DB6 62 KB
16 KB 46ms
44ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368812
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
vip.poltar2d.info/js/ Frame 0DB6 0
0 58ms
50ms Script
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/js/jquery-1.10.2.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 0DB6 3 KB
1 KB 40ms
33ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0DB6 8 KB
2 KB 22ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0DB6 6 KB
3 KB 27ms
18ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2490
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0DB6 112 KB
34 KB 27ms
18ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 0DB6 4 KB
2 KB 45ms
35ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H2

200

merge
ce.lijit.com/ Frame AB2A
Redirect Chain

https://um.simpli.fi/lj_match?r=27636
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

221ms
220ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:17 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 85D3 11 KB
5 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78818
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516656c5d0740e8-SIN
content-length: 4547

GET
H2

200

merge
ce.lijit.com/ Frame 2FCB
Redirect Chain

https://um.simpli.fi/lj_match?r=39350
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

221ms
220ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:17 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame EF1B 0
425 B 352ms
350ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
x-t: 1.87
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89A4fPGH%2FKAPCfFQRlmwpVypL4QTzSfj%2FxW8d%2BW4UgLdQvEC0Zhor2HfJwwaG51nSGsWXFaOzgTkAtz2y7f%2Fqe3%2FTreVA%2B0sV19PKsTEeN%2Bi9dbCGlPzGfAWPKWgHNGTeVwjTyvmDJw2kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 8516656cea5f3e01-SIN
expires: Tue, 06 Feb 2024 18:52:48 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame EF1B 33 KB
11 KB 14ms
13ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1613
x-amz-cf-id: uGTXFFuYIWbHQpUDlCLgDblDD2C9jsHkqhfEYfpiHKxB6aO9oY-vbg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame EF1B 0
353 B 350ms
349ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=7&_ls=13&_cc=sg&_pl=d&_b=chrome%40121&_cbid=3m7h&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-sydney%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
x-t: 0.096
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yr%2FJUIIny36J5G178lTK0iulFDqC2hRZFa6vAs7az7y8yIC9hbvn9FC1zztDzKVjCcx4CenUz6Kq5F3q5BihF7a8ha8zeE3j5gnF0kdX4QlMwq7LjtJy%2FLRLMCd1wUk%2Bc0MS9rCMnKpFzRM%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516656ce88e5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:16 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 0E2A 0
443 B 306ms
305ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
x-t: 2.4
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcv15gVxGyvgFQ0Vekhk68yILb6hqgFP0zFZunhza%2Bsw6618ebKuL%2BLn%2BLpxeCHBltsjLKGFnH1XIUuLF%2Fud4rmbGeURFuABzcPQN1HGO3zbQtNjaYXJ%2BkcaTULQRmLOMD9O9Bj9hr5oFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 8516656cea643e01-SIN
expires: Tue, 06 Feb 2024 21:10:45 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 0E2A 33 KB
11 KB 16ms
15ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1613
x-amz-cf-id: PVmkYwP4bhlrq7r4knWH2ulRzSKCK8I92APJyKE3wsA4AtC9203mIQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 0E2A 0
286 B 376ms
375ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=8&_ls=13&_cc=sg&_pl=d&_b=chrome%40121&_cbid=721g&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-hongkong%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
x-t: 0.136
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzvSQfjJrIgN8qjvU5VJn7d09d3rYfpcFTQaShB0Lv0d0j8o8D5Uh1OaDgQcUNniJqBUaIrIU8zoJQq4pgI%2FP%2B5atUigSluu9tLMp3WTdyy%2BpfSwKKBAkrTX4Q9RfY%2F0kgoVPq%2BeheqbaWo%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516656cf8955f5e-SIN
expires: Tue, 06 Feb 2024 21:13:16 GMT

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 6CD5 208 B
401 B 17ms
16ms Document
text/html 52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: aca409e8a5e186422befa4b70ac53afc6c0a183c52789a9a6e4e5a74e101735e

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
content-length: 208
content-type: text/html
date: Tue, 06 Feb 2024 21:13:17 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.42.25.89

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame 6BB2 435 B
570 B 1016ms
283ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:56051259&@b3:1707253998&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: bfd84ae265e88d7fa9f5d4c3afb7acd3807cddcb386633824452346fac0218b8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 0DB3 11 KB
5 KB 17ms
16ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78818
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516656d1dab40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame B346 10 KB
2 KB 15ms
14ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:17 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 6B81 0
72 B 10ms
9ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:17 GMT
content-length: 0
vary: Origin

GET
DATA 200
OK truncated
/ Frame 0DB3 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 0DB3 75 KB
76 KB 24ms
23ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225056
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516656d988640eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame D186 11 KB
5 KB 28ms
27ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78818
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516656e4e5240e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.roomangkasa.top/ Frame 5406 10 KB
2 KB 27ms
27ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:17 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame 8A1B 112 KB
25 KB 89ms
88ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

de5fe79b857e112e3bab6257971923ce2effe44d527e2a204639935b702f51e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:17 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 799A 5 KB
2 KB 30ms
29ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1447
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: OlcmmhoD2TLfsYvTACz2YhC8lu3u4w0UUaZttKEJQXIQh-y8uSkbBQ==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6C18 5 KB
2 KB 28ms
28ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1447
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Bwpg1rvLysT9qc1YiSub6sPeWCL2i_YmIO-PNzGw0rrpMNSXqFX7hg==

GET
H2

200

merge
ce.lijit.com/ Frame 749B
Redirect Chain

https://um.simpli.fi/lj_match?r=28602
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

232ms
228ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:17 GMT

GET
H2

200

merge
ce.lijit.com/ Frame DE84
Redirect Chain

https://um.simpli.fi/lj_match?r=13365
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

231ms
227ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:17 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 0B17 43 B
573 B 261ms
261ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=4484

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:17 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 7DDC 85 B
482 B 44ms
43ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606841
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: hdymN-YFr134AmUqCcI41qB8GCJPlPxhl1jfPilc5kMLau_7W38zpQ==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame A20E 108 KB
13 KB 45ms
41ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame A20E 227 B
246 B 49ms
46ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame A20E 2 KB
349 B 50ms
47ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame A20E 28 KB
8 KB 51ms
48ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:17 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame A20E 86 KB
30 KB 84ms
81ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30412
expires: Tue, 13 Feb 2024 20:52:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame A20E 13 KB
5 KB 111ms
108ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4870
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame A20E 157 KB
26 KB 53ms
50ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567710
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A20E 30 KB
7 KB 51ms
48ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048142
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516656edad889a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame A20E 21 KB
8 KB 56ms
54ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084203
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame A20E 62 KB
16 KB 57ms
55ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368813
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 18a1e3ac1f6c65c911ecff2ec84f74cc
secure.gravatar.com/avatar/ Frame A20E 3 KB
3 KB 18ms
11ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/18a1e3ac1f6c65c911ecff2ec84f74cc?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b3bc87f36189128324553379012da869ef88015dbf6a9e33535bdf09de771083

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:19 GMT
last-modified: Thu, 11 May 2023 05:09:34 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="18a1e3ac1f6c65c911ecff2ec84f74cc.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/18a1e3ac1f6c65c911ecff2ec84f74cc?s=50&d=mm&r=g>; rel="canonical"
content-length: 2605
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:19 GMT

GET
H2 200 c7b37b57c25cdebc25422430bfd9ef0f
secure.gravatar.com/avatar/ Frame A20E 6 KB
6 KB 19ms
12ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c7b37b57c25cdebc25422430bfd9ef0f?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e4da1a45ed746764f7043a54f5c78ac0840286859eddb34428d87f941d351c36

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:19 GMT
last-modified: Fri, 29 Sep 2023 15:10:06 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c7b37b57c25cdebc25422430bfd9ef0f.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/c7b37b57c25cdebc25422430bfd9ef0f?s=50&d=mm&r=g>; rel="canonical"
content-length: 6068
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:19 GMT

GET
H2 200 b56670e2550efc9c17c4db0317240d03
secure.gravatar.com/avatar/ Frame A20E 1012 B
1 KB 19ms
13ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b56670e2550efc9c17c4db0317240d03?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f0b025141ad7acf44c398e0f97eb1f60571ecbcd23394c1c546c97ef83c726ed

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:19 GMT
last-modified: Thu, 11 May 2023 05:04:22 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b56670e2550efc9c17c4db0317240d03.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/b56670e2550efc9c17c4db0317240d03?s=50&d=mm&r=g>; rel="canonical"
content-length: 1012
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:19 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame A20E 3 KB
1 KB 45ms
40ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A20E 8 KB
2 KB 21ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A20E 6 KB
3 KB 22ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2490
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A20E 112 KB
34 KB 22ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame A20E 4 KB
2 KB 43ms
32ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
DATA 200
OK truncated
/ Frame D186 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame D186 75 KB
76 KB 47ms
47ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 135613
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3843e539a6332b1a9fbe89234f98b8d4
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516656ef99540eb-SIN
cdn-requestpullsuccess: True

GET
H2

200

merge
ce.lijit.com/ Frame 8C8A
Redirect Chain

https://um.simpli.fi/lj_match?r=68684
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

210ms
209ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:18 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 77A9 766 B
1 KB 12ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648989
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: Hu8sbHEdJM6yZycIClxuDkfO8GQVpp4vAqox1-dbPrhqtoxyeXeiWQ==

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame E567 438 B
573 B 769ms
244ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPaito%20Warna%20Cambodia%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:13955877&@b3:1707253998&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-cambodia%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 3dd9bab6b70d97ac3b4d04e6f0a4a097db2f7637a025f1c7fbe7423498c179ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2

200

merge
ce.lijit.com/ Frame D157
Redirect Chain

https://um.simpli.fi/lj_match?r=71264
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

227ms
227ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:18 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 2407 18 KB
5 KB 7ms
7ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame E241 437 B
572 B 778ms
243ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:188891204&@b3:1707253998&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 6f62ac9fff6ec21e48f752d02d0aa9faa3e7f6275ccce54216ae6520b1848d2c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 34D9 230 B
529 B 12ms
11ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 34D9 231 B
530 B 12ms
12ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 3D28 18 KB
8 KB 25ms
24ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44482
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665707fc740e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 3D28 6 KB
3 KB 338ms
337ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-139893138&@b3:1707253995&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3166828a8e6039ad84ff8a775d57fbc52b7715f15f19c6d9c444ad0b917436c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
x-t: 0.203
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCnKsEAbalv4JUYIgm2Ee0EpwN0b95lG4qLfIyxddnAoaCkwGLiNTBHiJf%2B%2BSRVlP%2FNFIoXWsMS31DIU0ILl%2FIKYteziO%2FDli8wrqVIv08kiGBeVsqwWddASHDuM%2FENdZUzAxiG2XvlOwfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665707b175f5e-SIN
expires: Tue, 06 Feb 2024 21:13:17 GMT

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 6972 16 KB
6 KB 22ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13080
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665708fcd40e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6972 6 KB
3 KB 331ms
330ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20JAPAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-147117061&@b3:1707253995&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb12453c515c5a23efabb8576166f64d97147fcb7c4b84f68c021e99057b8ae7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
x-t: 0.221
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCDVtb1EyT3nkzyiW6LFXuSuX7hqSxaX%2FsDuKhmEDDHfL09xG9Q0qjIOp47Dkr1NGC1fE0vig%2BbLYtYLVXQk6RuKxuhlswwy3ioF%2Fob212QHKX0DAh684HuOt6XmrC62S6usbtncSPxzaVU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665708b1d5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:17 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 4EF3 766 B
1 KB 12ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648989
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: U0ysQtsvKAA5mB94_BXiv3LJBkjOAWmfTaeoOda7SxVY6fg3vu6hhA==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 9885 5 KB
2 KB 33ms
32ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1448
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: rVzJBOz2cARwgEM30z4YA61LKYrktzjCsyfqW1PmQpL24-b2VnzqVg==

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame E86F 169 B
449 B 222ms
221ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 25C0 169 B
451 B 222ms
221ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.roomangkasa.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 2394 230 B
529 B 43ms
43ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 2394 231 B
530 B 44ms
43ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 2394 22 KB
12 KB 64ms
63ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72173
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166571181940e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 2394 6 KB
3 KB 404ms
403ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Flive-sydney%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20SYDNEY%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-126717447&@b3:1707253995&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Flive-sydney%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96336072f7244dcb6319b29cd64a8e4e763a603a3cfd49d8a0d1f7d3d089e5d9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
x-t: 0.286
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niu9ZdwMyfUjdM0KjY%2BPpW9xHJRvEsBReLA8UeDAzfUd3S6GUrZYdg56P7rTwsSijGRelM5NQGm1dfCEHlo5OlJNSJVW6Zo%2FOw%2FeA4IgKp4nI%2F%2FxGxivuX2o7zP33MMZ3XcUnUB3V4%2BSuEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665711b745f5e-SIN
expires: Tue, 06 Feb 2024 21:13:17 GMT

GET
H2

200

rand=654111251
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/ Frame 6CD5
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=654111251
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=654111251

49 B
264 B

47ms
47ms

Image
image/gif

52.77.105.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=654111251
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.77.105.252 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-105-252.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:18 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.17.76
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 21:13:18 GMT
an-x-request-uuid: 9bc87fbb-bd3d-47bb-9a36-3f4de968d2b2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7381708761601567904/gdpr=0/rand=654111251
x-proxy-origin: 209.58.162.239; 209.58.162.239; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame B346 15 KB
3 KB 49ms
49ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/pola-dasar/ Frame 2E16
Redirect Chain

https://vip.poltar2d.info/pola-dasar
https://vip.poltar2d.info/pola-dasar/

120 KB
26 KB

63ms
63ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/pola-dasar/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

75dbd7296a0cf297d536c6436a2ff7251fec6afcc0e0291bc6a207422b2fbfdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/prediksi-china/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:18 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/193>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=193>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:18 GMT
location: https://vip.poltar2d.info/pola-dasar/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame C51B 43 B
573 B 281ms
280ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=49054

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame AC9B 18 KB
5 KB 16ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 60E5 230 B
529 B 19ms
19ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 60E5 231 B
530 B 19ms
19ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc_329.js Show response
s10.histats.com/counters/ Frame 1C50 18 KB
7 KB 27ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_329.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 60865
etag: "1331309106"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166571d86b40e8-SIN
content-length: 7420

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 1C50 6 KB
3 KB 345ms
344ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesd.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:87579230&@b3:1707253995&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivesd.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f1c863ff6615e6d7cb30c4cd5aee2db27f04ded076b0b88c8312dfe9b862763

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
x-t: 0.29
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCEZIZghsGyNeDkAJhpfZ%2B0Nk%2FhIpw2E1B3VarOJ%2F%2BpwRNPjCfq2pH5ixaAakWzAcXhChknQYXcZA5XbpsVn%2B2CxmDzX2KBeEh%2BS8IzXDPmP3RZb%2FMOB8XjrH9ujQkD7x5U2Ovf%2F%2B%2FlyT2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166571dbdd5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:17 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 5406 15 KB
3 KB 17ms
16ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 7DDC 766 B
1 KB 21ms
19ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648989
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: XaScUIFU_h5fHPgpR7STSWpW-rfLZtlu3nYSmsQcQRhqo0J2NNmz9Q==

GET
H3 200 / Show response
vip.badutprediction.info/buku-mimpi-2d/ Frame 877C 119 KB
25 KB 288ms
287ms Document
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/buku-mimpi-2d/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

104849980441dc32ad008fbeda42f6b98aab1e386fd9d1076563736e43b0dadb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/rekap-angka-ct/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:18 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/216>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=216>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ Frame 74E9 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame 8A1B 108 KB
13 KB 11ms
11ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 8A1B 227 B
284 B 14ms
12ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 8A1B 2 KB
353 B 15ms
12ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame 8A1B 28 KB
8 KB 15ms
12ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 8A1B 86 KB
29 KB 16ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 8A1B 13 KB
5 KB 31ms
28ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:18 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 8A1B 157 KB
26 KB 17ms
15ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567710
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 8A1B 30 KB
7 KB 32ms
30ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048143
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166572ad0689a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 8A1B 21 KB
8 KB 19ms
17ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084203
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 8A1B 62 KB
16 KB 20ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368813
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame 8A1B 987 B
1 KB 773ms
260ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 9e2702287b43ab10f360b1f361c1a89f6ff47aa8e790ae72dcd15601731ef86e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:21 GMT
Connection: close
ETag: -1813671794
Content-Length: 987
Content-Type: image/png

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 8A1B 8 KB
2 KB 22ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:21 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 8A1B 6 KB
2 KB 23ms
15ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:21 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 8A1B 112 KB
34 KB 23ms
16ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:21 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 8A1B 4 KB
2 KB 31ms
23ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:21 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 283A 43 B
573 B 247ms
244ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=55112

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 039F 43 B
574 B 256ms
254ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=36390

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 14
Content-Type: image/gif

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame AB2A 43 B
573 B 254ms
254ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=60192

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 79D3 85 B
481 B 26ms
24ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606842
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: mB4xetab5TiBaNP_qHJu02wDdXbSnjlY02_99tr2cdDREzqph7T4pg==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 2FCB 43 B
573 B 245ms
243ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=98478

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 1145 85 B
481 B 23ms
22ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.velbettgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606842
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: OncCiWV7i5Q-MwejK_QJpHoxWWuM38-ye0y9v40qm27QmzcMe7F2Kw==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ Frame 5B15 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 2407 438 B
573 B 734ms
246ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%202D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:52693711&@b3:1707253999&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 3dd9bab6b70d97ac3b4d04e6f0a4a097db2f7637a025f1c7fbe7423498c179ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:19 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame DF4B 11 KB
5 KB 35ms
34ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78819
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166573d9db40e8-SIN
content-length: 4547

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame D426 169 B
451 B 216ms
215ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 308A 11 KB
4 KB 31ms
31ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78819
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166573d9ea40e8-SIN
content-length: 4547

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 28B5 169 B
453 B 213ms
213ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 8B6D 0
464 B 354ms
352ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyemrEdggb8xqXn1%2B9cwhYCwxbx9MBBcpgk58rHKss9YctTV9njKOUxQnrjVut4HA8ThRiSa3QdsAAaITdFRE2wSGS0kqVZPUyosd%2FAtACPzV9qtmh1tFsERPC7yA7B3JE5cGPoHs6Qk%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 851665742fd13e01-SIN
expires: Tue, 06 Feb 2024 20:47:35 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 8B6D 33 KB
11 KB 20ms
18ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1614
x-amz-cf-id: abs4ukXXfErjXRxvauFe0-mtdBO2tTBKyVIoRB-tDr7ye3Seum_BSQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 8B6D 0
311 B 343ms
342ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=6&_ls=13&_cc=sg&_pl=d&_b=chrome%40121&_cbid=66sl&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.098
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6hIBK4Cv5FXAC0kOzZqj8%2B0xAP9byPtniVt7n9LmLBrHet7rGVuXV64JB3MlqtOJAnS41CiYSyWx8zRKZmV0vUFHZlOyJw%2BKFhCli%2FZsjuamQUSEc%2FsGl3UkGQQIDtlHJYq8WT7ia%2F4Fq0%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665742ce15f5e-SIN
expires: Tue, 06 Feb 2024 21:13:17 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 5ED2 0
551 B 370ms
368ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 1.2
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPtMCWXLWSxX6HyBMD3rb0tWS4FZNMbcj9X1n2gX3zhyt4AGDl9qHI7GyYdTG5%2FwaHqdELMc5Wao5d0y1Vs2r7EAGjH43mdfntqFJGOFb14d5JOvHPlkot%2B0RxN6dOViP%2FusZn5SiSkH2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 851665742fd23e01-SIN
expires: Tue, 06 Feb 2024 21:13:54 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 5ED2 33 KB
11 KB 21ms
20ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1614
x-amz-cf-id: N7hD7JNS389Jh5yr2QXJrPnVHL7_ITMvEAqa0Rv6L7UQm4UZ2pioOA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 5ED2 0
307 B 370ms
369ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=twqq6o3xxo&_pv=5&_ls=15&_cc=sg&_pl=d&_b=chrome%40121&_cbid=2aee&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.095
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTrXl2WYeHOOunXwKURTX%2ByfpRfGilfHXai7otduSTMKafi4NX7zMyZJGEr0sGhiJNXhMnQgOGXeRnG4qy5kueIxJomYZQVLEkM1XoGCdsYa2U60plM0%2BiiVn8wOLzhqQZ7zWCUVUhKP7ik%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665742ce35f5e-SIN
expires: Tue, 06 Feb 2024 21:13:18 GMT

GET
H2 200 cc_329.js Show response
s10.histats.com/counters/ Frame EEF1 18 KB
7 KB 20ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_329.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 60865
etag: "1331309106"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166574daab40e8-SIN
content-length: 7420

GET
H2 200 / Show response
e.dtscout.com/e/ Frame EEF1 6 KB
3 KB 338ms
337ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:130640683&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b18867d40b9b5acdc882603ce001beaf7ee9e73d6f768e178bee089136dd8561

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.25
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0QRg7ydNnIJDmAFD6a2vIHxPi8pLOEKSslL5Ptp3Xaoy18eXyCtyIMaIZdVL67LRx8gc8CadRCJ%2BVxYhyZz0uRSoGZFVxyAroHHQQz2vRNY6Jvqi4sN4wJHsXUJwHpvkoO5%2BHLyh0UtGQk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166574ed4f5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:18 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 749B 43 B
573 B 255ms
255ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=57936

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame CFCF 85 B
483 B 13ms
11ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606842
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: ShmzhXpSERvVwxKOsiZVB9tanjWM_9fuQYcSZMhKjhNKaIWkHiV26A==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame DE84 43 B
573 B 243ms
242ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=30195

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 6C19 85 B
483 B 15ms
12ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606842
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: vOenGKHA2wKR45m4M5yQZ_AXBa95aQjXKZHJ1wzo5E8Wvd-M7khbcA==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 cc_431.js Show response
s10.histats.com/counters/ Frame B639 18 KB
7 KB 25ms
23ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 83858
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665750ab640e8-SIN
content-length: 7547

GET
H2 200 / Show response
e.dtscout.com/e/ Frame B639 6 KB
3 KB 336ms
333ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:7427746&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39e100dfa5332858e556bf66e8236cf4cd7a89ccadc3fa4312ae9a447fb33ecf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.229
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkhXwvn4e4fUJK7rS%2FfAyfDl0fQwiIu7Se7PPrctxwjqC0ENALq7MvcKilMXsL9HLtsAakjti7SeqzwdEXv6YUWPnB%2BAvqzTAdN1bqCl%2F5uCYmUHXrFVVB%2Fr9%2Biz6GGdVoPSUGKmdLXJrHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665750d635f5e-SIN
expires: Tue, 06 Feb 2024 21:13:18 GMT

GET
H3 200 livechina.php Show response
w1.bungaprediction.com/ Frame 93D8 855 B
461 B 15ms
14ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livechina.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

6da55789d39fc24c0fcef28e6fca1f32988c00cb0aadab8df57a5ee3395f8830

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 415
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:18 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 74E9 11 KB
4 KB 25ms
24ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78819
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665750ab740e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame B998 10 KB
2 KB 16ms
15ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame AC9B 436 B
571 B 809ms
251ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:4180953&@b3:1707253999&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: b0d037b4cb66ac6403cd0d302904cf2b80fd8deb44189725fbd02d1b12588b2e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:19 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 4AEB 5 KB
2 KB 15ms
14ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1448
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Vz4tR6Ks-KSCLb6PND_EafTIPQ6-a0IQtn87__geSfIa6MycEEU-Gg==

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 74E9 75 KB
76 KB 17ms
16ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225057
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665756d1d40eb-SIN
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame 6BD6 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 355D 11 KB
5 KB 33ms
33ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78820
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665761b8540e8-SIN
content-length: 4547

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 2E16 108 KB
13 KB 20ms
17ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 2E16 227 B
246 B 24ms
21ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 2E16 2 KB
349 B 26ms
23ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 2E16 28 KB
8 KB 27ms
23ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 2E16 86 KB
29 KB 29ms
25ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 2E16 13 KB
5 KB 61ms
58ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 2E16 157 KB
26 KB 53ms
50ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567711
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 2E16 30 KB
7 KB 34ms
28ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048144
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665764ea589a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 2E16 21 KB
8 KB 58ms
53ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084204
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 2E16 62 KB
16 KB 58ms
52ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368814
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
vip.poltar2d.info/js/ Frame 2E16 0
0 90ms
81ms Script
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/js/jquery-1.10.2.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 2E16 3 KB
1 KB 152ms
148ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:21 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 2E16 8 KB
2 KB 16ms
8ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:21 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 2E16 6 KB
2 KB 17ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:21 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 2E16 112 KB
34 KB 17ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:21 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 2E16 4 KB
2 KB 152ms
145ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:21 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame D3E5 0
72 B 28ms
24ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.badutprediction.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:19 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame AB2A 0
72 B 28ms
24ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.poltar2d.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:19 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 0B17 0
72 B 26ms
23ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://w1.bungaprediction.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:19 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame C463 0
72 B 27ms
25ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:19 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 8C8A 43 B
573 B 241ms
240ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=80299

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:19 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 7E5D 85 B
481 B 29ms
28ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.velbettgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606843
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: 8sHL8JuwI1glsxNBk0-lHPduAEHLJpGBi_r8_LD0hyoD5U4Zu-AinA==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 86D0 0
72 B 28ms
26ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:19 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 6DA1 437 B
572 B 759ms
252ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:62370643&@b3:1707253999&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 6f62ac9fff6ec21e48f752d02d0aa9faa3e7f6275ccce54216ae6520b1848d2c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:19 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame D157 43 B
573 B 245ms
244ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=27446

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:19 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 67D9 85 B
482 B 7ms
5ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606843
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: MXCplfN73l0nxxscJJKbVNMD4-8QYBQWE42OupTlodrZiww9Gwuhtw==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6BD6 0
446 B 361ms
359ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 1.06
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSMQv1sFf%2FFb1Z2SRrWwK5Z7yDAus1%2FbDp%2BPASgrlNAz3HeI06ePtYMOCqjaO73dtJ7qLIGxOk%2BA7V41qR1AjbDwvfwrHEL0Z0hJ6ZUxDbPSirouQPqfB15G2NmsbFMr6nfOkskUTraOhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85166577399c3e01-SIN
expires: Tue, 06 Feb 2024 18:52:50 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6BD6 33 KB
11 KB 8ms
7ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1615
x-amz-cf-id: KLfLhEyl1Ll-wMhZYwpmBIqe0i7wkpUqq88D2jKTSfGU_qj2yxBBvw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6BD6 0
289 B 332ms
332ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=9&_ls=14&_cc=sg&_pl=d&_b=chrome%40121&_cbid=18d1&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.099
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSaFCOh4CaAMvrGq85kZkyv1NR1lehFzpWvTWrwz83F1xnOdGlmKFgzUbDaedKgZY5%2BD68YHyXTHoCdaghG7XrR2MGXSWiH1RhfAb39F0IchcDoSOsp26aBpQ%2F2mZk7VqOEDWUlxahieMuI%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665773e7a5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:18 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame F662 0
448 B 339ms
334ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 1.56
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lN%2FgzLqUK60oKCvpbC1gZN7Ez987wUYyw847NvfMLtr55iRl8DJ7rPes%2Brjq9nu48%2FcocrsolC0neauagnpYzp0cFEPTCO%2F9cZpNaYiHKgV%2BMlmnE17%2FLR0katiZyOrKdH2%2BGVyakJ71OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 85166577399d3e01-SIN
expires: Tue, 06 Feb 2024 21:10:46 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame F662 33 KB
11 KB 10ms
5ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1615
x-amz-cf-id: PzdWl2ZXE-x9gvhFjuaBDU1Lk21eibq39z_rMRsLVpj3xf7hKUePIA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame F662 0
277 B 365ms
361ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=7&_ls=13&_cc=sg&_pl=d&_b=chrome%40121&_cbid=1na4&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.099
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuJOaQj1NMw35M6sK29%2B1sk7nW84XrGjEAxmua%2BbAv3pg5EBUU5cpSmwRiqSsSj4mx9FfHj%2BZft6CvSwt5HlvJlkO1Ds27dxdpyycY0QiO9kipImEXTbInlUQ3CtCDclkNPJtrRltc6Fq4M%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665773e845f5e-SIN
expires: Tue, 06 Feb 2024 21:13:18 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 0741 0
442 B 316ms
314ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 1.05
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2B8jtBPmA955yDiRgl94XnlAf%2FUsczjj%2BcF50oWXqzLOELlZDpSdgrTGwDCTpotN5h4ErfThVQfU3dkFWrp3YAG8A5FzBDlgJyBYwM3cR%2FXA%2FfjA%2BX4V3TZ3SeProF%2Fy9TvWqtb10oSOfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 8516657749a23e01-SIN
expires: Tue, 06 Feb 2024 20:19:11 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 0741 33 KB
11 KB 14ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1615
x-amz-cf-id: 1uJcTJNMZ_7z0lukovYOrZhM5rZSsSdl57a_EafK_BEs9JJ0_NZPFg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 0741 0
378 B 343ms
342ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=8&_ls=13&_cc=sg&_pl=d&_b=chrome%40121&_cbid=6ge9&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.107
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLxWjNk14%2FlveNYMZZrbGykCyWqfQUOmTseTX0rAavugjRw4mGA6OyPKx1HaC6BdxgYG%2FVs3S%2F%2FqAVXy9sANMwSJsfxIDbCtBe%2B9sobQjHKawyhkMKmY1653f1ZKBvz4X8zsYTmldaP1cis%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665774e935f5e-SIN
expires: Tue, 06 Feb 2024 21:13:18 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E567 230 B
529 B 5ms
5ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E567 231 B
530 B 6ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame E344 0
72 B 11ms
10ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:19 GMT
content-length: 0
vary: Origin

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 79D3 766 B
1 KB 11ms
10ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648990
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: rKRK7zXQVKh5L5h2StdiBlt9w5TcdTOhDJm3eMjYaoabI9IvHQekQw==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 1145 766 B
1 KB 10ms
10ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648990
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: zHcZIkyRGXGTjyCgg3DZHHi28PTMlEMkxeCvtVB8mBmgIdzRvpdGEg==

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 60E5 16 KB
6 KB 21ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13081
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665779d0040e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 60E5 6 KB
3 KB 337ms
336ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPOLA%20DASAR%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-134219354&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed3fd39c483344b8aee3d71b580e27fe15c0a632d2deae52b16d79565d6ffbca

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.216
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFiDAj4YwxslpOv3R9c5YltFuL3IHLelLOtIqmxN0rpdjcOTABlKdT5ItjLAPGDKucgbWq0Opquo7cr4OCc130JPP4UMav4zrYJVlXMMm92LaR17oEIsHuXGgWElikoCUc2VJzhBLNhQZR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665779f315f5e-SIN
expires: Tue, 06 Feb 2024 21:13:18 GMT

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 34D9 16 KB
6 KB 51ms
50ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13081
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665784d5e40e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 34D9 6 KB
3 KB 391ms
390ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20TAIWAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:110261908&@b3:1707253996&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6829299e2c29c2b88d1f6024531303284c0460a6a222aff4e3e465f65e398412

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.215
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Msk%2BoPVYxcdu%2BufGmZ95BAVt%2FJ89no17S3m9EwciJJdjxaSYreSZz%2B6FkPOB%2BCSTARAFNuUqseNEghzkxRCNwx5fqaqluTtGb4L1hPt4Jr9wkMI3jneqBx179mpM6uwsDCBiUi2f6Bs64tM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665784f7b5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:18 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 2FCB 0
72 B 32ms
31ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.velbettgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:19 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 538B 0
72 B 31ms
31ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:19 GMT
content-length: 0
vary: Origin

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame 877C 108 KB
13 KB 16ms
15ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 877C 227 B
271 B 43ms
40ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 877C 2 KB
374 B 44ms
41ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame 877C 28 KB
8 KB 44ms
41ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 877C 86 KB
29 KB 46ms
43ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 877C 13 KB
5 KB 84ms
81ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 877C 157 KB
26 KB 18ms
15ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567711
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 877C 30 KB
7 KB 39ms
37ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048144
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166578485389a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 877C 21 KB
8 KB 21ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084204
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 877C 62 KB
16 KB 21ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368814
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame 877C 883 KB
0 24ms
21ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame 877C 43 B
182 B 261ms
259ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame 877C 3 KB
1 KB 112ms
111ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 877C 8 KB
2 KB 11ms
10ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 877C 6 KB
2 KB 12ms
10ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 877C 112 KB
34 KB 18ms
15ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 877C 4 KB
2 KB 107ms
105ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 85D3 437 B
572 B 764ms
255ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:181345010&@b3:1707253999&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 6f62ac9fff6ec21e48f752d02d0aa9faa3e7f6275ccce54216ae6520b1848d2c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:20 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 8473 0
299 B 356ms
345ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 1.26
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7nXsJ6BChN%2Bw3zibQrnP%2FTnUK%2BIhLx1ZUjGicGW5cVtQan6zdwxK5VTzGl3NyOhWfoVSQnYDI4GsehCNM4GzpOK7SEGW%2FJ77U1sSuWHhJJDdHlrPPzvr12sQRaHcCwk97fYZxXH1T6sTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 851665789ad13e01-SIN
expires: Tue, 06 Feb 2024 20:47:35 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 8473 33 KB
11 KB 27ms
16ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1615
x-amz-cf-id: U5Q_pv_oryIFnZLqkrXbvuim3Y6UbgD4YFyvGdukvwWJQ1rjqyWdig==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 8473 0
307 B 350ms
339ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=1k5shfatpr&_pv=5&_ls=17&_cc=sg&_pl=d&_b=chrome%40121&_cbid=71no&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.109
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAEUPGOhBkEcI4Y0YdnjD%2FTeDTTSEDFbfT5ORLYXiOD4Bd7NMhToA4RGK46coZuH9sljXEiUXnvFv0lKSAaTVaDa65TUAM6%2B6XT1bKJiFaMw0DlmImXPayU2ottP8JbnXINdhhxqiMoGgak%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665789fc45f5e-SIN
expires: Tue, 06 Feb 2024 21:13:18 GMT

GET
H2 200 / Show response
dtsedge.com/ping/ Frame 8473 0
445 B 323ms
276ms Script
application/javascript 2606:4700:3033::6815:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtsedge.com/ping/?t=300&d=vip.zonaprediction.com
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
x-t: 0.57
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E14lwzYmVVyHLe8iO0l3Y0xP2JnsBxf2GAdUmSgdeZrza9sY4H7mS7eWJipZUBd70JG5KDZ5fcKAfhdNdEBgQL7RAygjpkbQvSvKaEr3BZx8PI2xkGgkWcwDKK%2B45MDzbl8xkFeM4t%2F6lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 85166578da628942-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame C51B 0
145 B 260ms
254ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=22303&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 839AED8F0C4E42A9B24D1709813441A5 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQwvvBf0IRDqIkRv8g==

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 0DB3 18 KB
5 KB 37ms
33ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 874B 43 B
573 B 245ms
244ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=57634

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:19 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 0F3C 43 B
573 B 237ms
236ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=51253

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:19 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame CFCF 766 B
1 KB 10ms
9ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648990
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: a62HElwLBwxe5Sqf7KESC2hpALNFJs1oJCEflUE7tL6zm7U3FnXehA==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 6C19 766 B
1 KB 9ms
7ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648990
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: v0a5ngvy2dloN0DqBkNyDyO38y6vCmLYT9ruzJ3y4uZXHEDDVgmQEg==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame B998 15 KB
3 KB 9ms
8ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame D186 18 KB
5 KB 10ms
10ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:19 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/pola-dasar/ Frame 3C5B
Redirect Chain

https://vip.poltar2d.info/pola-dasar
https://vip.poltar2d.info/pola-dasar/

120 KB
26 KB

51ms
51ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/pola-dasar/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

f1fb4cf4aace7e9d5bc9896c934708c2b09bc05a783ceb3721c898e0c508a148

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/live-china/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:19 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/193>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=193>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:19 GMT
location: https://vip.poltar2d.info/pola-dasar/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 283A 0
146 B 249ms
248ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=22273&pu=https://vip.poltar2d.info/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FDEEC706D1EF4163814AFA4141FA7B7F Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQwx5KdeJ6aAAfJRYw==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 039F 0
145 B 324ms
323ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=37419&pu=https://vip.badutprediction.info/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 07FE084BF7734F108500460F17A7E580 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQwx7ocb4MrvX/DQ2g==

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 799A 169 B
451 B 213ms
212ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 6C18 169 B
449 B 211ms
210ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:19 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 7E5D 766 B
1 KB 10ms
9ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648990
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: mPus0rnVQDwCv9TFBwMQOwCdPomjuzpYC9xnFXlyJLaIjgwJ4JY26g==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 67D9 766 B
1 KB 20ms
15ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648990
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: y94OaY5_3ghHjersjzZnlnImc0yXooaDPp5YqgzrgzYInDfVgMY72A==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5B15 11 KB
5 KB 22ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78821
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516657bffe840e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 78F2 10 KB
2 KB 19ms
17ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:20 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 5B15 75 KB
76 KB 27ms
26ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225059
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516657c3a1b40eb-SIN
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame FBEB 43 B
573 B 254ms
253ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=96252

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:20 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 2407 230 B
529 B 12ms
11ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 2407 231 B
530 B 12ms
11ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame BF22 11 KB
4 KB 19ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78821
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516657e29e140e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 5445 10 KB
2 KB 11ms
11ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:20 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 9885 169 B
454 B 206ms
203ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame EF1B 5 KB
2 KB 11ms
10ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1450
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: gmfil732Z7sY0Vzx3vyjQDf9ZxyBFClezdxI8WlFnd69YveW63_gYw==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 0E2A 5 KB
2 KB 10ms
10ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1450
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: b4dVtz2MS2Uex4lOfVw5J-0C7lx-OfIQVSO-_DJknssItz3uz7SiWA==

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 0DB3 438 B
573 B 770ms
258ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20CHINA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-69386526&@b3:1707254000&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-china%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: f5c4b80f8fb164da563570c43bfdeeb83477c65bc1b64dbd01a05d0ec16b4369

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame BF22 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame BF22 75 KB
76 KB 19ms
18ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225059
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516657ebbe440eb-SIN
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame 0DB6 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame D186 435 B
570 B 738ms
241ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%20CT%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Flive-sydney%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-136928222&@b3:1707254001&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-ct%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 2254c582ca5d88d3061a726b5e179fa7381b75666b8fecd7cf66109267152d36

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:21 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 6972 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2394 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 live-draw-china.php Show response
rankcrack.com/ Frame 3F9A 651 B
746 B 29ms
28ms Document
text/html 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/live-draw-china.php
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livechina.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fb574ba0087738e2662388a3f51043e2d9010322bc48390a0a34e1ce588fcac

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 851665810a0a5658-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MM%2FTV4rd1zjKdLmBXk2grg5U92XlPQi4S3wAb2qkBCzsuHACZGqrZEBB9kdp8lX%2B3B8ypksN0zLjPT%2B7ROlChMnFZEJw%2BfoKHUnjKHWn933S9qPo6VGejqSyTW05en3wE39xBBmX6C01d47s"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 93D8 11 KB
4 KB 30ms
29ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livechina.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78821
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665811ba440e8-SIN
content-length: 4547

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame B346 11 KB
4 KB 26ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78821
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665812ba640e8-SIN
content-length: 4547

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame B318 0
72 B 20ms
20ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:20 GMT
content-length: 0
vary: Origin

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 3C5B 108 KB
13 KB 15ms
11ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:20 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 3C5B 227 B
246 B 39ms
35ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:20 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 3C5B 2 KB
349 B 40ms
35ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:20 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 3C5B 28 KB
8 KB 40ms
36ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:20 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 3C5B 86 KB
29 KB 52ms
47ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:20 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 3C5B 13 KB
5 KB 101ms
97ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:20 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 3C5B 157 KB
26 KB 20ms
16ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:20 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567713
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 3C5B 30 KB
7 KB 35ms
31ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048145
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665815cba89a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 3C5B 21 KB
8 KB 26ms
21ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:20 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084206
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 3C5B 62 KB
16 KB 26ms
22ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:20 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368816
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
vip.poltar2d.info/js/ Frame 3C5B 0
0 59ms
52ms Script
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/js/jquery-1.10.2.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 3C5B 3 KB
1 KB 124ms
122ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 3C5B 8 KB
2 KB 12ms
5ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 3C5B 6 KB
2 KB 12ms
6ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 3C5B 112 KB
34 KB 13ms
7ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 3C5B 4 KB
2 KB 28ms
21ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5406 11 KB
4 KB 56ms
55ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78821
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665818c0940e8-SIN
content-length: 4547

GET
H2

200

merge
ce.lijit.com/ Frame C51B
Redirect Chain

https://um.simpli.fi/lj_match?r=57807
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

203ms
203ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:21 GMT

GET
DATA 200
OK truncated
/ Frame A20E 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET gif.gif
zona-angka.top/wp-content/uploads/2023/06/ Frame A20E 0
0

GET
DATA 200
OK truncated
/ Frame 8A1B 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/ Show response
vip.poltar2d.info/generator-angka/ Frame 58AF
Redirect Chain

https://vip.poltar2d.info/generator-angka
https://vip.poltar2d.info/generator-angka/

108 KB
26 KB

48ms
47ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/generator-angka/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

f97e964ecfd954290ab7a16bb20cd0f800c3f8ba214f8ebcb982332168efc418

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/rekap-angka-3d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:21 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/157>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=157>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:21 GMT
location: https://vip.poltar2d.info/generator-angka/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 874B 0
145 B 251ms
249ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=32173&pu=https://vip.poltar2d.info/paito-warna-japan/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 10BAD45DF352436286DC9AA0159DB83D Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQxLDecnV2kgzfnU6Q==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 0F3C 0
145 B 315ms
314ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=27442&pu=https://vip.badutprediction.info/prediksi-sydney/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9F8ACDB10AF347A8828069313D0F3A4F Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQxLEj6ElEAcytmizg==

GET
H2

200

merge
ce.lijit.com/ Frame 283A
Redirect Chain

https://um.simpli.fi/lj_match?r=62247
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

203ms
202ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:21 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 039F
Redirect Chain

https://um.simpli.fi/lj_match?r=39819
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

204ms
204ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:21 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 78F2 15 KB
3 KB 10ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:21 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 6BB2 22 KB
12 KB 20ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72176
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166583fd4240e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6BB2 6 KB
3 KB 374ms
373ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:56051259&@b3:1707253998&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f046fa84ac92d5da5d0a76ad78b2f33f2237c7e0ee5075d79b579b87c6970e5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-t: 0.194
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zi2UaOXE6wHhDf5TnuUfdggi4TvwTWQosYflq5ZDOMwtf2ORkyQIFUcTt%2BwyenY%2FBpNQt6X8hssh2QTMNMCEogVDswKW1ti%2Bl%2BWm6vfgz4IYW568GyiPw2k46eFZ%2F3QOlR5MY34JnETVP9w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166583ffcf5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:20 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 3D28 0
537 B 371ms
369ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-t: 1.09
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLur9eod0hLkKQzRd18lLctY6odDiQjlN%2FjJbwAPjOoapu1RkTGMg83E6AvZEXERU8P6qwoLwu3LB6BI%2BKh6vwyC%2FF2jKEykrmv4Q8DwgjpR0Zbzxr38FBUv3tVLyI7ewP5Ai3JVFy2SEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 851665841b1e3e01-SIN
expires: Tue, 06 Feb 2024 21:10:49 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 3D28 33 KB
11 KB 14ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1617
x-amz-cf-id: 0WnfI0aP920ubdiIlA7Rdld020PISAEZLdtke7FRceB5ZpyEjl7tRQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 3D28 0
304 B 367ms
365ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=9&_ls=15&_cc=sg&_pl=d&_b=chrome%40121&_cbid=45qt&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-t: 0.08
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQ%2B1WfYV%2B4kwGoFImfZRovQ%2BoD8Q6lhCtZG74yXCXakP640cL7xG1dGq3KIFTxBPYsSNYn0sD4fUgkQlmkLTRvXr8yr2xN%2FyLAQDA9A9rUXtsoOwUMiAxt6ayu7wLn6jh%2Fmnkt%2BtpsTs2Lc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665841fde5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:20 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6972 0
441 B 362ms
360ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-t: 0.99
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDTPtlImkPAXUuNXAv6XYQBmnuQJ79cwDJ8vwIBmbqHDL8Au9N7lob1w05PMMxokZ4LVURLDHnAWk%2Bg9V%2Fz0raazQNF20DchLeg9eGv28l434vRFybRgWNG66G6nEkQSCLFD%2FSJXt2R30w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 851665841b223e01-SIN
expires: Tue, 06 Feb 2024 20:19:13 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6972 33 KB
11 KB 16ms
14ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1617
x-amz-cf-id: 0-hCioY5Dgtnm_cceE65YW8AbS_nieMchoP5bAZfOmHk0XKANkmlhg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6972 0
283 B 372ms
371ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=10&_ls=16&_cc=sg&_pl=d&_b=chrome%40121&_cbid=6nq2&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-t: 0.1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzrwUaORZM%2F%2FMYn6GdRzNGSdgz5sFQip8K2ncIqZOERwiupfLVihR6cZVShn1UannnFcJdT9NNKJ4M5M0fJJhs6eHoqZ4Bt%2FJyu%2Bk2Efc6ZNae3SD4PbKqXStxvky4PpodIoteduWUYrlqc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665841fe05f5e-SIN
expires: Tue, 06 Feb 2024 21:13:20 GMT

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame DF4B 437 B
572 B 845ms
355ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-89952332&@b3:1707254001&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 6f62ac9fff6ec21e48f752d02d0aa9faa3e7f6275ccce54216ae6520b1848d2c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:21 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 308A 437 B
572 B 748ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-47365182&@b3:1707254001&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 6f62ac9fff6ec21e48f752d02d0aa9faa3e7f6275ccce54216ae6520b1848d2c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 2394 0
463 B 1308ms
1305ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2Flive-sydney%2F&r=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Flive-sydney%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-t: 1.01
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJcec98oXPC3AGyVw0iqdDwDwdwW%2F89GHHS0W7JU2rDTXjrbH6928m2010ZcSF%2FZj%2F0W%2BU5fU9fLjr8Vux873mxDE%2BNmLCMACBFnH3r48%2BY4e0zfD%2FUWt7NEQCF%2BfYEMefYGk4P5o1AFNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 85166584fbb43e01-SIN
expires: Tue, 06 Feb 2024 21:17:01 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 2394 33 KB
11 KB 14ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Flive-sydney%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1617
x-amz-cf-id: DXAf0GROiias3MvSNW04rMvd_a_l-ghpLCf_L-Bzgz5eUhT50L1YSQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 2394 0
294 B 345ms
344ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=6snwpnk6n2&_pv=6&_ls=19&_cc=sg&_pl=d&_b=chrome%40121&_cbid=2ma8&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Flive-sydney%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fjalur-shio%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-t: 0.095
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LNiv90VbtzyZXMeeAtle%2Bommw4ZB2TDYmvpwgSEzQKIvSiw5Qm2lvaAqJVrgPezPLoDALl8LLF48Z7yn600r%2FQj4qW49YwYhhCC6z7dY0ByWdMefiQaRL%2F8BWxoZhz3ZHhlG23gF%2F%2F21nU%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85166584f85d5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:20 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 5445 15 KB
3 KB 8ms
8ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:14 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 0DB6 11 KB
5 KB 44ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78822
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665851dcf40e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 5884 10 KB
2 KB 50ms
50ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:21 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3

200

/ Show response
vip.poltar2d.info/pola-dasar/ Frame 3BD7
Redirect Chain

https://vip.poltar2d.info/pola-dasar
https://vip.poltar2d.info/pola-dasar/

120 KB
26 KB

65ms
65ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/pola-dasar/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

75dbd7296a0cf297d536c6436a2ff7251fec6afcc0e0291bc6a207422b2fbfdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/buku-mimpi-2d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:21 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/193>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=193>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:21 GMT
location: https://vip.poltar2d.info/pola-dasar/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 43CC 0
72 B 21ms
20ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.badutprediction.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:21 GMT
content-length: 0
vary: Origin

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame E567 16 KB
6 KB 26ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13083
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665856dfb40e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E567 6 KB
3 KB 367ms
367ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-cambodia%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPaito%20Warna%20Cambodia%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:13955877&@b3:1707253998&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-cambodia%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fa6ed10e30b53fd43271d009e1e6284aabb280faab333dc7dedf200c5d7bd5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-t: 0.215
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OE1iZdVk%2FE8Qx1zmnL%2Ff6G0%2BlolF3k89kwZi0jmv9Pv4mZiFdxtpgKPfsr0qoOXXSHZHuUhOgGArjYYsjNwLDyKJK6UWf0b7Kv%2BZE5lYLRMdSZ5Zg5Rl6ioWwMhOnnrPAXwxGCiYxFbt7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516658568955f5e-SIN
expires: Tue, 06 Feb 2024 21:13:20 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 0DB6 75 KB
76 KB 16ms
15ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225060
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516658578ce40eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame E241 18 KB
8 KB 21ms
20ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44485
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166585fe3b40e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E241 6 KB
3 KB 340ms
339ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:188891204&@b3:1707253998&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e00718e909000e3e12ff00a6dda19dac5b1ebbfb91f8dc37cbcb6c3dc790789

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-t: 0.263
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QBD5at%2F5lsmQmLs%2F3J7XCIotKfOJPCTcOtCLXoipMwPCEHtCDjST09O2hIBw7gEHt52n79bppGdcEArstM4Wk3tN81qVSxYRPQXV2TkbpLnc%2BopoIouyznpW1pUdSjbOOXypNgFkI%2B%2FnsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516658608d15f5e-SIN
expires: Tue, 06 Feb 2024 21:13:20 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame FBEB 0
145 B 267ms
267ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=26073&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E4D0816230C940A589B169AE5CE9370E Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQxQNLq/wThWtrfdnA==

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 4AEB 169 B
451 B 209ms
207ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonafantasi.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 1C50 0
440 B 283ms
280ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fw1.bungaprediction.com%2Flivesd.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesd.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-t: 1.14
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvxKPQ%2BDlqeXiD3fHG6MJFaDMAz%2BawSjo8XrI4aK4LSVcdb%2Bk9IcZCS826r3z0OwaBfSrXywu2Qx5plbMRJKXhFetjVx%2B721aA4XWceC2Y8CyqL%2Fp3CuH1vLUvXE9vas87nbn%2FZ6Uh%2FkiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 851665862cb03e01-SIN
expires: Tue, 06 Feb 2024 20:47:38 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 1C50 33 KB
11 KB 14ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesd.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1617
x-amz-cf-id: hCuTEfrDMYcHBbiV3j8pYsDY7CanW9q4SnCPxb_xDTJgNhG5xk46UQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 1C50 0
285 B 332ms
331ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=w1.bungaprediction.com&_ss=547xnfqip6&_pv=2&_ls=17&_cc=sg&_pl=d&_b=chrome%40121&_cbid=1k0m&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesd.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
x-t: 0.087
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPQ%2F9ZOWK2Ls1CmzLjV%2BWHB37pkYVEQ2ZHLKAc4CLzTiCmswcoZtehEkxDW4JwL3dij7HyH6NOIpbG4AssCXCyHdwF6tMVF%2BNbHMbuq3mSE56lEtlBqWWrNCIyZ7o7rBdcaepbK6lCdegow%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516658628df5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:20 GMT

GET
H3 200 style5.css
rankcrack.com/css/ Frame 3F9A 8 KB
3 KB 24ms
21ms Stylesheet
text/css 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/css/style5.css
Requested by: Host: rankcrack.com
URL: https://rankcrack.com/live-draw-china.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8afd8132abd29ec4f4e38e5088bc5cce3b8c65a97439a0f6cacfcf7975b9d144

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://rankcrack.com/live-draw-china.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 07:47:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1634
etag: W/"2b1ea1-1fb2-5f39ea947f180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NI8R7bh5yc3wKegQjQGPN74ELZwEYPxZmcctQyhGvey4LzjM1oR4TXS0JvEIPoOnkZ7GjdIZmIkLvaVReV5TWDNWPEc0rufoilhtxb15J%2FKCo7AEuUrKEnv%2BpLR5IlXlkcGNWpsqI6wbPU2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 851665863afe5658-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame 3F9A 2 KB
663 B 26ms
22ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&display=swap

Requested by

Host: rankcrack.com
URL: https://rankcrack.com/live-draw-china.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://rankcrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 20:56:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 21:13:21 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 3F9A 86 KB
30 KB 16ms
14ms Script
text/javascript 2404:6800:4003:c1c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: rankcrack.com
URL: https://rankcrack.com/live-draw-china.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://rankcrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 08:47:28 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 74E9 18 KB
5 KB 13ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:21 GMT

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 752ms
255ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:51658524&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 752ms
255ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-165327731&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 755ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:198818983&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 757ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:137308037&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 1237ms
246ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:37001884&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 1269ms
257ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:126835067&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 744ms
257ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:78099630&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 743ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-70209256&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 756ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-90852488&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 760ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-14115235&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 801ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-155474798&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 974ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-162521578&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 771ms
257ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:2940558&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 777ms
253ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:97048125&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 1233ms
252ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:137229914&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 355D 439 B
574 B 1262ms
247ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-168878771&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 8A1B 11 KB
4 KB 22ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78822
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665873ec940e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.zonafantasi.info/ Frame 4E41 12 KB
2 KB 12ms
11ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:21 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 8A1B 75 KB
76 KB 15ms
15ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 465140
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0c4f1d4ee3f7913748b6627f04107416
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665882a5240eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 5B15 18 KB
5 KB 35ms
35ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 2407 16 KB
6 KB 20ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13084
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516658a280440e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 2407 6 KB
3 KB 366ms
366ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%202D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:52693711&@b3:1707253999&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b5962fdfb855cce00a56ffd83ae9fe3a7e71fd1648b19a65f54c2d207e2610

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-t: 0.232
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFrSTjRwkQ4hdsWuqVubCsASaGh2M7kxFXxq7QZnvUxUmIG2D33tjX2ZiclYN%2B%2FyFlPmG6OYrp6yITB%2B7BX8uLDNRZI1aSGjAhrh52lAhmHqJsEZRhtAQgrRQElnYOAPKs9eizwFIAdfmL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516658a3b505f5e-SIN
expires: Tue, 06 Feb 2024 21:13:21 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 58AF 108 KB
13 KB 12ms
11ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 58AF 227 B
273 B 51ms
46ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 58AF 2 KB
353 B 51ms
47ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 58AF 28 KB
8 KB 53ms
49ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 58AF 86 KB
29 KB 16ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 58AF 13 KB
5 KB 105ms
101ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 58AF 157 KB
26 KB 19ms
15ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567714
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 58AF 30 KB
7 KB 31ms
27ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048147
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516658a4a0789a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 58AF 21 KB
8 KB 22ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084207
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 58AF 62 KB
16 KB 23ms
19ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368817
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame 58AF 3 KB
1 KB 90ms
87ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 58AF 8 KB
2 KB 19ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H3 200 regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 58AF 6 KB
2 KB 19ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 58AF 112 KB
34 KB 20ms
13ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 58AF 4 KB
2 KB 42ms
34ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 8B6D 5 KB
2 KB 19ms
12ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1452
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Uf9hr-nrBRHHkHzOQ1c0zSp_ap0QspcBgvjY8pbc1MoVSg0pKIZrLg==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 5ED2 5 KB
2 KB 19ms
13ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1452
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ZoeqEXBcxY0ZCugpVIWFZE5oohwi77N5CL1-MORMjawfbYVYkgWUCQ==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame DD1E 0
72 B 18ms
15ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zona88.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:22 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame E86F 43 B
573 B 253ms
249ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=43253

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 25C0 43 B
573 B 244ms
242ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=54700

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 5884 15 KB
3 KB 15ms
14ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/prediksi-sydney/ Frame E47C
Redirect Chain

https://vip.poltar2d.info/prediksi-sydney
https://vip.poltar2d.info/prediksi-sydney/

698 KB
70 KB

112ms
112ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/prediksi-sydney/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

046ae83e54f2cee93f8fedd6f77d51f475f9fd0864a10303dab2a36c6c4e1a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/generator-line-angka/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:22 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/55>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=55>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:22 GMT
location: https://vip.poltar2d.info/prediksi-sydney/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame C51B 43 B
573 B 244ms
243ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=88163

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame BD66 85 B
481 B 26ms
25ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606846
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: T_3RT6Ny5GmKbc2Q1e07IUA8Kujrt17jAZdSdmvLk64oj1MrMFV4AQ==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame EEF1 0
445 B 371ms
369ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-t: 1.22
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfHWeNUI4WnjXOim0KUlUDyTTHhpPVsSyu%2BXsL3Msfdd6b3b8neZERPj7sLsqQlv1Ce%2BX%2BMrkKki77eJ7oUpr7rUP2yfMcV0VmM8MjuIH%2FofOzwunuQ2tv3oa4a95DFLU3vfyjpdqv9VIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 8516658c0ab03e01-SIN
expires: Tue, 06 Feb 2024 21:10:50 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame EEF1 33 KB
11 KB 25ms
23ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1618
x-amz-cf-id: GIB2yAsoV7uGnMVQy4S-0pCSWgEEmtGZf74MrG27KDKQhXDEjGXhnQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame EEF1 0
284 B 374ms
372ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=w1.bungaprediction.com&_ss=547xnfqip6&_pv=3&_ls=18&_cc=sg&_pl=d&_b=chrome%40121&_cbid=3zlr&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-t: 0.11
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TzGdQdP%2FL1ptD9xIYx2wmjA4IlLFrbqkrt8WOxi0oufuPJcpRJUm7%2FneIIIKEFGtMH4Ug0hTbqCHF7Vf52vKuvOn35EXJVt%2B198N0VvLQWkPqRMbgcsQF5omCwF%2BBrrcsFo2i3mv4JoDZA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516658c0c485f5e-SIN
expires: Tue, 06 Feb 2024 21:13:21 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0DB3 230 B
529 B 17ms
16ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0DB3 231 B
530 B 17ms
16ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame B639 0
432 B 356ms
346ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-t: 1.11
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fu3IYThHfvc%2Be2AsAZ298d4s45D%2F2rvxPgSXVbfF7uXYPe2uaacM0n7UU8F4CF8S%2BiY075yInbyXrr07k9pPyKmwSSVclcwmozxgpOsc1MYxGTwcYom48GojcvKIaWA85bqzDfyZtHDTGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 8516658c0ab73e01-SIN
expires: Tue, 06 Feb 2024 21:13:58 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame B639 33 KB
11 KB 23ms
14ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1618
x-amz-cf-id: CfELRkZa1fFlkuzvfcy5tJYcaZUVWn8c_Hlr8nUX5zmNOJfpA4I8ig==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame B639 0
291 B 368ms
359ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonafantasi.info&_ss=woyan4849m&_pv=5&_ls=20&_cc=sg&_pl=d&_b=chrome%40121&_cbid=763k&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-t: 0.117
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BCNMsuW%2BO1QRa7QgZNSDc7mNj7lvfCXYAueBZr%2BHyw2UXAhBoqR67g59nfs%2BAwk6Hi5Do78FYjvLKIRJ7RCOMLRoOIe2M07PNXNRbHxCcUTQKXbkojNYsduQsfC%2FVOtT4X9%2FcIA%2FXNFaCk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516658c1c4c5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:21 GMT

GET
H2 200 / Show response
dtsedge.com/ping/ Frame B639 0
306 B 297ms
289ms Script
application/javascript 2606:4700:3033::6815:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtsedge.com/ping/?t=300&d=vip.zonafantasi.info
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
x-t: 0.58
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deQEksa2Y6v0%2BipRo7KWReH249Blb4IzCJxMisaTmN8qbYS3KHEySzxn%2BzggrfWoCwl0%2BSpwHwaxm0umRNDr%2FEGeM4Y33JpQ5o8HGCWa3yEbo6vISMMC8pjBAow71o5d98OI81gESBkcwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8516658c1f9c8942-SIN
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 34D9 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 60E5 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame 877C 135 KB
135 KB 20ms
18ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
DATA 200
OK truncated
/ Frame 877C 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 74E9 438 B
573 B 930ms
246ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20CHINA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:1340892&@b3:1707254003&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: f5c4b80f8fb164da563570c43bfdeeb83477c65bc1b64dbd01a05d0ec16b4369

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 3BD7 108 KB
13 KB 16ms
11ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 3BD7 227 B
246 B 39ms
35ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 3BD7 2 KB
349 B 40ms
35ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 3BD7 28 KB
8 KB 46ms
42ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:22 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 3BD7 86 KB
30 KB 107ms
102ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30412
expires: Tue, 13 Feb 2024 20:52:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 3BD7 13 KB
5 KB 97ms
93ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4870
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 3BD7 157 KB
26 KB 16ms
12ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567715
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 3BD7 30 KB
7 KB 32ms
26ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048147
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8516658d3b7789a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 3BD7 21 KB
8 KB 19ms
14ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084208
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 3BD7 62 KB
16 KB 20ms
15ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368818
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
vip.poltar2d.info/js/ Frame 3BD7 0
0 55ms
46ms Script
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/js/jquery-1.10.2.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame 3BD7 3 KB
1 KB 133ms
130ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 3BD7 8 KB
2 KB 19ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H3 200 regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 3BD7 6 KB
3 KB 20ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2490
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 3BD7 112 KB
34 KB 20ms
12ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 3BD7 4 KB
2 KB 44ms
36ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame B998 11 KB
5 KB 24ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78823
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516658d398f40e8-SIN
content-length: 4547

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame D186 230 B
529 B 16ms
15ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame D186 231 B
530 B 18ms
18ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame AC9B 13 KB
4 KB 28ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 69710
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516658d59a540e8-SIN
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame AC9B 6 KB
3 KB 398ms
391ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:4180953&@b3:1707253999&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04750f0bf51a55ec34ff64445f0fee551550377d1cc8a09e485cd78dc5f27755

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-t: 0.234
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taguljLcuYg5TGF%2BToe6cjsEMh8hT4bYvU9kG5AovmHjW9nUB0YovekQ8W6skXc7WFf4Ks7G4CND8H%2BMB23P5%2FN7VS%2BrlLZVUve4RTl8EjmdCiHx0u4n5SUxJkhJ1sKwl1UvDzUlujP%2FnZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516658d5d135f5e-SIN
expires: Tue, 06 Feb 2024 21:13:22 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 749B 0
72 B 14ms
13ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.poltar2d.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:22 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame DE84 0
72 B 15ms
14ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.badutprediction.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:22 GMT
content-length: 0
vary: Origin

GET
H2

200

merge
ce.lijit.com/ Frame 874B
Redirect Chain

https://um.simpli.fi/lj_match?r=73355
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

212ms
210ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:23 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 0F3C
Redirect Chain

https://um.simpli.fi/lj_match?r=80678
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

212ms
211ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:23 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 283A 43 B
573 B 242ms
241ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=66376

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame CDAF 85 B
481 B 12ms
11ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.velbettgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606846
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: EXrLDieeuezi538cbMm1ZcEewpc0Az7v6YRS1gvBpqMQSvaUq712QQ==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 039F 43 B
573 B 249ms
249ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=27339

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame E3D5 85 B
483 B 11ms
11ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606846
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: BjV0fXPsEkOSNjcVKUOQbiDzgK7F2Kj8lZTp6Vy_u-2BvJaGaW3r2w==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ Frame 2E16 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 4E41 15 KB
3 KB 115ms
115ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6BD6 5 KB
2 KB 84ms
83ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1453
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: hYofR4WENzm9xN9zuJjLNZrVhCk_wAQCRWSRhmW7mCvphXxsxPfDOA==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 0741 5 KB
2 KB 82ms
82ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1453
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: C-IPiku4sRIgulzwhbK-fLWcGOaUn4i5-Gl_linMAYsbURH0U3V0JQ==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame F662 5 KB
2 KB 81ms
81ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1453
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: vpUSuyIDppouR7bqwjK9NWWs-Hs14mwDx6s-qN6Pmq6i4qrEDkGfpQ==

GET
H3

200

/ Show response
vip.poltar2d.info/generate-bbfs/ Frame 6A56
Redirect Chain

https://vip.poltar2d.info/generate-bbfs
https://vip.poltar2d.info/generate-bbfs/

102 KB
24 KB

58ms
57ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/generate-bbfs/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

2a6737fae63e5430f512fea02de2f309390b6640591b507a787109de9608d018

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:23 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/155>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=155>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:23 GMT
location: https://vip.poltar2d.info/generate-bbfs/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2

200

merge
ce.lijit.com/ Frame FBEB
Redirect Chain

https://um.simpli.fi/lj_match?r=60442
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

205ms
205ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:23 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame D426 43 B
573 B 269ms
268ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=98909

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 28B5 43 B
573 B 269ms
268ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=95339

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 6DA1 18 KB
8 KB 52ms
52ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44487
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516658fba9140e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6DA1 6 KB
3 KB 365ms
364ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:62370643&@b3:1707253999&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16e8c152b108be27b4acf6d88ba839b67fc6164d55a5d2bde318d4277e33d644

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-t: 0.213
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdNpbuasvpAaRMArs0tXBNOYkGodQVXUsJQOU6XiYwfPmrr52V4HrDTey%2BvqaLDnwTZ33ZSjWIxbq7OBVjGkdMimlfclR8TnCb1lrDUgiNWySIzRXJiyakjQvx1ejMSbOEIe4ZDYLGX9%2BXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516658fcea05f5e-SIN
expires: Tue, 06 Feb 2024 21:13:22 GMT

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 5B15 438 B
573 B 794ms
250ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%203D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:46697261&@b3:1707254003&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-3d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: f5c4b80f8fb164da563570c43bfdeeb83477c65bc1b64dbd01a05d0ec16b4369

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:23 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 60E5 0
560 B 407ms
406ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-t: 1.19
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4ZUfKmD8OXYtCegr5rXlttndxb%2BtX2oNZykIWwTUiCuR8p7eSUaXcOCwFxYyq7bBZEKCrhjPKaGyvT%2BFRcO70bwmcY7aCuCVVjeLpyu2gbEORqf9EdaeduLX8YsDdcnB1iSaEaDrf7zFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 8516658fbd263e01-SIN
expires: Tue, 06 Feb 2024 21:06:37 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 60E5 33 KB
11 KB 40ms
40ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1619
x-amz-cf-id: aDagPa1teMNiGcvXhw98iO6L3rKj4YK2t04QEQKajwVA5lhfVx8iqA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 60E5 0
295 B 355ms
355ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=11&_ls=18&_cc=sg&_pl=d&_b=chrome%40121&_cbid=3wkz&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-t: 0.099
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQTsMWZwkHsIAyDb9V3QMPc12D%2FDEyerLhQVIDaan6cL2Bb9CjNEuQYGezTjOxP2gnF5fqZ3LM4doaQk4Ilr1SrVZ8NW9Gbqdyy6kZkk%2B1zhfVoZzthdrLiFaUqpFs%2B24w%2Ba%2B%2BfvenGEWL4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516658fcea15f5e-SIN
expires: Tue, 06 Feb 2024 21:13:22 GMT

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 85D3 18 KB
8 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44487
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516658fba9240e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 85D3 6 KB
3 KB 356ms
356ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:181345010&@b3:1707253999&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f127295d4b528f370c2500927e3ad7428db89b7035ca7c020a01639fbe64bd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-t: 0.218
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ex%2BekOaOC109G2u983EHuql2BJAb4OeUpBXidaWpVWZ9w07o6NgzbGRwYgvRpjdNKIcSQH7aDILhHRMGdShNVKzdN9bYy6K%2FxTKOKzNA06gtJaRSeicsKGR3rG1ssiPVWeF96DNRGexKB10%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516658fcea25f5e-SIN
expires: Tue, 06 Feb 2024 21:13:22 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 34D9 0
451 B 299ms
299ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-t: 1.31
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Udxf86fKVZw23FeypMg4OkV%2FANhG5bx3jhx7oS3SuBTV6S5eLs794g%2BrY1VWirFbvVRKWGx8qORQGpTIJtwtJPInAnGS4O0G9j6rKiWOXBHBRLIsa8UwfjCgYItjGeJkk8Z94ooP%2Bn0cdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 8516658fbd273e01-SIN
expires: Tue, 06 Feb 2024 21:13:59 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 34D9 33 KB
11 KB 37ms
37ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1619
x-amz-cf-id: Wx9byz8Yjs0MDx3Cn3CqZ4XAO1YTHLp7rFeFcqnNIqm0rK90QJGRqw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 34D9 0
287 B 380ms
380ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=12&_ls=18&_cc=sg&_pl=d&_b=chrome%40121&_cbid=4ldu&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
x-t: 0.097
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vhFYflCAx57xdgVSpat0%2FoI1RoIKi9V%2BzgK9ssH%2BsbKEWxsupqOcg803YUP9i2OtVr4EbX%2Fyt8AHUrxjQ0ZpS5rIWnHaENZ3DtDxpWd9%2FZtuuRtB%2FKSuiP7ev87VtvspUsLyPUd8wCf0JU%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516658fcea35f5e-SIN
expires: Tue, 06 Feb 2024 21:13:22 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 8473 5 KB
2 KB 10ms
9ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1453
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: RkHsk1pT9VKKD0lumW1_fH5cgV9TtEXo7l_lPx19UmYjBY9bT7_CQg==

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame EF1B 169 B
449 B 207ms
206ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 0E2A 169 B
449 B 207ms
206ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 8C8A 0
72 B 12ms
10ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.velbettgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:23 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame D157 0
72 B 13ms
11ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.poltar2d.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:23 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame D3E5 0
72 B 13ms
12ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.badutprediction.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:23 GMT
content-length: 0
vary: Origin

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 877C 11 KB
5 KB 26ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78824
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665919b7040e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.roomangkasa.top/ Frame 2A8F 10 KB
2 KB 17ms
16ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2399
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:23 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame 2D07 112 KB
25 KB 119ms
118ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

e2f8f1a96e17a5966d8577697e0f1cf140712a4230f8f0eee311b3dd2811e463

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:23 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame BF22 18 KB
5 KB 13ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame BD66 766 B
1 KB 25ms
25ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648994
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: UvSl8lc-un8ACHWuQPhaWR3OM4FYIlhQ4WkOoCbSSigh2U3zODhJMg==

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame E47C 108 KB
13 KB 11ms
10ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame E47C 227 B
246 B 39ms
35ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame E47C 2 KB
349 B 40ms
36ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame E47C 28 KB
8 KB 41ms
37ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame E47C 86 KB
29 KB 13ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame E47C 13 KB
5 KB 115ms
111ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:23 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame E47C 157 KB
26 KB 13ms
10ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567715
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame E47C 30 KB
7 KB 22ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048148
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665922ddb89a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame E47C 21 KB
8 KB 16ms
12ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084209
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame E47C 62 KB
16 KB 17ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368818
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 18a1e3ac1f6c65c911ecff2ec84f74cc
secure.gravatar.com/avatar/ Frame E47C 3 KB
3 KB 16ms
11ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/18a1e3ac1f6c65c911ecff2ec84f74cc?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b3bc87f36189128324553379012da869ef88015dbf6a9e33535bdf09de771083

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:27 GMT
last-modified: Thu, 11 May 2023 05:09:34 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="18a1e3ac1f6c65c911ecff2ec84f74cc.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/18a1e3ac1f6c65c911ecff2ec84f74cc?s=50&d=mm&r=g>; rel="canonical"
content-length: 2605
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:27 GMT

GET
H2 200 c7b37b57c25cdebc25422430bfd9ef0f
secure.gravatar.com/avatar/ Frame E47C 6 KB
6 KB 16ms
10ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c7b37b57c25cdebc25422430bfd9ef0f?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e4da1a45ed746764f7043a54f5c78ac0840286859eddb34428d87f941d351c36

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:27 GMT
last-modified: Fri, 29 Sep 2023 15:10:06 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c7b37b57c25cdebc25422430bfd9ef0f.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/c7b37b57c25cdebc25422430bfd9ef0f?s=50&d=mm&r=g>; rel="canonical"
content-length: 6068
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:27 GMT

GET
H2 200 b56670e2550efc9c17c4db0317240d03
secure.gravatar.com/avatar/ Frame E47C 1012 B
1 KB 17ms
12ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b56670e2550efc9c17c4db0317240d03?s=50&d=mm&r=g
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f0b025141ad7acf44c398e0f97eb1f60571ecbcd23394c1c546c97ef83c726ed

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:27 GMT
last-modified: Thu, 11 May 2023 05:04:22 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b56670e2550efc9c17c4db0317240d03.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/b56670e2550efc9c17c4db0317240d03?s=50&d=mm&r=g>; rel="canonical"
content-length: 1012
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 21:18:27 GMT

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame E47C 3 KB
0 71ms
67ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 21:13:27 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E47C 8 KB
2 KB 17ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:27 GMT

GET
H3 200 regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E47C 6 KB
0 17ms
9ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 21:13:27 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E47C 112 KB
0 18ms
10ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 21:13:27 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame E47C 4 KB
0 37ms
29ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 21:13:27 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 877C 75 KB
76 KB 20ms
20ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 135619
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3843e539a6332b1a9fbe89234f98b8d4
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166592498840eb-SIN
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 4585452.php Show response
s4.histats.com/stats/ Frame 93D8 436 B
571 B 944ms
258ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-178481685&@b3:1707254004&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 85a8c6d153a4b5f00aac6fda2211fe5aef9b64d3ad7cc639171d3f1285f6f2b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame B346 437 B
572 B 937ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:127027414&@b3:1707254004&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 6f62ac9fff6ec21e48f752d02d0aa9faa3e7f6275ccce54216ae6520b1848d2c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame 5406 435 B
570 B 840ms
265ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:134949223&@b3:1707254004&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: f3d2f4149cda1cd4febb0f8a1281a9ac590c2e6521892648e246d1d18eb01f5e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame CDAF 766 B
1 KB 13ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648994
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 27rbrXLx1xETgL7tjeV3j4PLta1w66k7aGnXveViKjeahp_xtCbMpg==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 2E16 11 KB
5 KB 20ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78825
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665951cd040e8-SIN
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 513F 10 KB
2 KB 21ms
20ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame E3D5 766 B
1 KB 11ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648995
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: g8gl0ugkJjA-zHQDLg2jni77kiXN2zbiX491I5o8Ny9h070e0PA2XQ==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame E86F 0
145 B 245ms
244ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=59727&pu=https://vip.poltar2d.info/paito-warna-taiwan/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6B35A133B00D48C2A48D20F0EAFF2496 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQx1abT0ln+60nEXQg==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 25C0 0
146 B 309ms
309ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=81301&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: CBD9EE717B1E453ABC40E8F869C2C927 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQx1a5pO3PlSInHS/Q==

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 2E16 75 KB
76 KB 17ms
16ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225063
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166595bbb240eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 0DB3 16 KB
6 KB 21ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13086
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166596bd8340e8-SIN
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 0DB3 6 KB
3 KB 384ms
383ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-china%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20CHINA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-69386526&@b3:1707254000&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-china%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c1d10b5b88d94c94a977027e4472f336da6f23ce32a018b16f3f2a5c76c9a0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
x-t: 0.215
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BStgVGrliNVtzNTUF4F10A5mMl3zEnfAsGzUSSrTPEAqvmcRUh0smpp34ia66VEbEeSAPMHAU71PjY9chD7MXjqlP0W8NPcjjIIzuFoY%2FFMl2OGA6taLCmNfznoxvXEL2ruriphJQcG59aU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 85166596baad5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:23 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 78F2 11 KB
5 KB 21ms
21ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78825
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166596cd9040e8-SIN
content-length: 4547

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 6A56 108 KB
13 KB 6ms
5ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 6A56 227 B
246 B 19ms
15ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 6A56 2 KB
349 B 20ms
16ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 6A56 28 KB
8 KB 30ms
27ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 6A56 86 KB
29 KB 34ms
31ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 6A56 13 KB
5 KB 103ms
100ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 6A56 157 KB
26 KB 9ms
6ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567716
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 6A56 30 KB
7 KB 20ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048149
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166596f8d989a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 6A56 21 KB
8 KB 12ms
9ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084209
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 6A56 62 KB
16 KB 13ms
10ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368819
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
vip.poltar2d.info/js/ Frame 6A56 0
0 473ms
461ms Script
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/js/jquery-1.10.2.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame 6A56 0
0

GET wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6A56 0
0

GET regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6A56 0
0

GET wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6A56 0
0

GET frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 6A56 0
0

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame BF22 438 B
573 B 747ms
245ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%202D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-cambodia%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:95633150&@b3:1707254004&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: f5c4b80f8fb164da563570c43bfdeeb83477c65bc1b64dbd01a05d0ec16b4369

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame D186 22 KB
12 KB 26ms
25ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72179
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665972dbc40e8-SIN
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame D186 6 KB
3 KB 339ms
338ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-ct%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Flive-sydney%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%20CT%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Flive-sydney%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-136928222&@b3:1707254001&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-ct%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e29c6aa5d1f53b5910f95e002622c14b705081d66f3bc0b2df06a9dd3b1b12cb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
x-t: 0.221
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUJrQ1eUQ0Uj3t75XdotV2aNLkxsWmVabI3NV31ee2ZHbLghGgzlUIArKVCyRcCH6Gqp%2BznypVmGHXaNOCE6BbiBM%2FdoV8JwNTlfltUAK%2BQ1N8B9y0EsGXqmOYH%2FyJDrcYkl4HQZCQ5YNbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665972ad95f5e-SIN
expires: Tue, 06 Feb 2024 21:13:23 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5445 11 KB
5 KB 23ms
22ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78825
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85166597de2f40e8-SIN
content-length: 4547

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 874B 43 B
573 B 253ms
252ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=31625

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame D67E 85 B
482 B 11ms
11ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606848
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: xEexnjI6uDfxPgLyRg2UDa_345W94foFKXgKA98xdXvdMshLb3HiuA==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 0F3C 43 B
573 B 251ms
250ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=32500

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 22AF 85 B
482 B 12ms
11ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606848
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: Yi1Ek768WL3POEhCtyUt9WR6mrHB74G-MS4lAkIfDDwqyk77wioI4w==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 0DB6 18 KB
5 KB 11ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 2A8F 15 KB
3 KB 12ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 0DB6 438 B
573 B 779ms
251ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20LINE%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-170790403&@b3:1707254004&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: f5c4b80f8fb164da563570c43bfdeeb83477c65bc1b64dbd01a05d0ec16b4369

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:25 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 86D0 0
72 B 14ms
13ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:24 GMT
content-length: 0
vary: Origin

GET
H3

200

/ Show response
vip.badutprediction.info/prediksi-china/ Frame A7A4
Redirect Chain

https://vip.badutprediction.info/prediksi-china
https://vip.badutprediction.info/prediksi-china/

106 KB
21 KB

240ms
239ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/prediksi-china/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

459aac02eacc758c58d2059cf00decf5b6fdacad8ea6a4a3ecb404a316857a78

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/buku-mimpi-2d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:25 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/93>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=93>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:24 GMT
location: https://vip.badutprediction.info/prediksi-china/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame 2D07 108 KB
13 KB 21ms
18ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 2D07 227 B
284 B 27ms
24ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 2D07 2 KB
353 B 27ms
25ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame 2D07 28 KB
8 KB 28ms
25ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 2D07 86 KB
29 KB 45ms
43ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 2D07 13 KB
5 KB 73ms
71ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:24 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 2D07 157 KB
26 KB 50ms
47ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567717
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 2D07 30 KB
7 KB 41ms
39ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048149
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85166599daa989a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 2D07 21 KB
8 KB 52ms
50ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084210
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 2D07 62 KB
16 KB 34ms
32ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368820
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame 2D07 773 B
913 B 777ms
258ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:29 GMT
Connection: close
ETag: -2060319226
Content-Length: 773
Content-Type: image/png

GET
H3 200 wp-polyfill-inert.min.js
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 2D07 8 KB
0 25ms
17ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 21:13:29 GMT

GET regenerator-runtime.min.js
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 2D07 0
0

GET wp-polyfill.min.js
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 2D07 0
0

GET frontend.js
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 2D07 0
0

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 6C18 43 B
573 B 236ms
236ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=7096

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 799A 43 B
573 B 236ms
236ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=25908

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame FBEB 43 B
573 B 245ms
245ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=3593

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:24 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 8661 85 B
483 B 17ms
16ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606848
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: NWpEDpKK0-gPnRGC9qY3xQrBbq4luOwawmUZsMH1dbvHJQ256Ffmlw==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame D426 0
145 B 249ms
248ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=76800&pu=https://vip.poltar2d.info/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4CE4378E6BA04334A05077D9408E3644 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQyBFoLksGRMJ2R+ow==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 28B5 0
159 B 314ms
313ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=31651&pu=https://vip.badutprediction.info/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:24 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 60C4380E7A714D1C91D0CC61A9E95021 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQyBFrWyn7DZNipLHA==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame C51B 0
72 B 23ms
21ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:24 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 283A 0
72 B 23ms
21ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.velbettgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:24 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 039F 0
72 B 22ms
21ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:24 GMT
content-length: 0
vary: Origin

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 74E9 230 B
529 B 9ms
8ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 74E9 231 B
530 B 9ms
8ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 3C5B 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E567 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 9885 43 B
573 B 236ms
235ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=88330

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:25 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 513F 15 KB
3 KB 8ms
7ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame 8A1B 18 KB
5 KB 8ms
8ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
H3

200

/
vip.poltar2d.info/rekap-on-of/ Frame A2D6
Redirect Chain

https://vip.poltar2d.info/rekap-on-of
https://vip.poltar2d.info/rekap-on-of/

102 KB
24 KB

52ms
50ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/rekap-on-of/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/pola-dasar/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:25 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/195>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=195>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:25 GMT
location: https://vip.poltar2d.info/rekap-on-of/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame DF4B 18 KB
8 KB 29ms
27ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44489
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516659cb8d040e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame DF4B 6 KB
3 KB 368ms
366ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-89952332&@b3:1707254001&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830e40006d33d3bd5f470e7db7e00429961132cf76e7a0af6c9db21392a5f3ba

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
x-t: 0.231
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeNQFjWsgBK0QL1QgUc2wxyYcBa0%2FjuQnPmw0UQpm9aBXOU9DJVHICkarbvE6aN%2Bqs0%2FAPkfOLSAPDzO4UNaGMScWji161XrS4sFe5HvFP4k8QybYFWnmTh2V%2BMNW%2BDJSzt5Uft%2BF01jsIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516659cbea65f5e-SIN
expires: Tue, 06 Feb 2024 21:13:24 GMT

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 308A 18 KB
8 KB 24ms
23ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44489
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516659cb8d240e8-SIN
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 308A 6 KB
3 KB 369ms
369ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-47365182&@b3:1707254001&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5afd0fe0ee766eb3391e75a5e967062a67f3ca611eb51fc7f54d769ab3065c61

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
x-t: 0.249
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yddSti1wIqlo%2BVaYo2RYDCS0y6APRKGIi73rPrrhY3C0eXPi%2FNR%2B9m8nFlLvLYQb57FoY%2BlLxwifCEVdUDv0ejtUhHB7FwTnx0oSSN4pwvcCx5gKdwEazB51Bq173BDVuqQDGNBrd7a5o8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516659cbea75f5e-SIN
expires: Tue, 06 Feb 2024 21:13:24 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6BB2 0
454 B 283ms
281ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
x-t: 1.07
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkYgKZZ8z648A6TfAzH%2BsI2WzF0mDa0kIjYKcw2KddvN95pok855S3fvNHFotkoxlY8afFn1Sg0Mgucm6XRNdQd5rUyaaokB2xXwdbxkvjIM2tqu5GpY10jPbaUa2wFAQ6pPDnGwS34lcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 8516659def9b3e01-SIN
expires: Tue, 06 Feb 2024 18:52:56 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6BB2 33 KB
11 KB 12ms
10ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1621
x-amz-cf-id: rnio3cEF9L1OJVpi_CJZLHp5BDVrd2VeTtWAV4Oay4mHBVOpoDYu6g==

GET
H2 200 /
t.dtscout.com/pv/ Frame 6BB2 0
290 B 370ms
369ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=twqq6o3xxo&_pv=6&_ls=22&_cc=sg&_pl=d&_b=chrome%40121&_cbid=2pz2&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
x-t: 0.094
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFoxaMTjHLnIOlbzOwSiygx5qN0E3MhRQi9tLlCBn5ljB2Yz4z7Xh4m82rvPKhafNuALgTrBRS69gQlDkfQ1dUg9bqf9Id2eQNsHyuYfI72Kf2Yi1u%2B9B13bEV%2FfWrkqxI%2FJ0nQ0ZNS0Vdw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516659df8675f5e-SIN
expires: Tue, 06 Feb 2024 21:13:24 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 3D28 5 KB
2 KB 13ms
12ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1455
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: X52zv-eYgn_Xoazh4DTpssXYkUEPjGkNuSmRdmO0Gkj_9cBwY0YP8g==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6972 5 KB
2 KB 15ms
12ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1455
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 8DY5fJCLKLjreL3xsDW0biNJ3xEzt3hmyCUCkMHt5Nfw39TgwSo8_A==

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 5B15 230 B
529 B 9ms
8ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 5B15 231 B
530 B 9ms
9ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 6B81 0
72 B 19ms
15ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:25 GMT
content-length: 0
vary: Origin

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 2394 5 KB
2 KB 15ms
13ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1455
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: WimS9UXem-E89kmCoadng71Y6f7hxB1E7Jz6d440BudtmvX2k8h8Tw==

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 8B6D 169 B
451 B 213ms
212ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 5ED2 169 B
451 B 212ms
212ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.roomangkasa.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 cc_431.js Show response
s10.histats.com/counters/ Frame 355D 18 KB
7 KB 25ms
23ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 83865
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516659e6a6a40e8-SIN
content-length: 7547

GET
H2 200 /
e.dtscout.com/e/ Frame 355D 6 KB
3 KB 340ms
339ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:51658524&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
x-t: 0.269
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YB62uFfpPpr14MG70qrcPMcB5Pd7nSx30vUuWx7yWkX%2BvYW3gT%2FkkYQSNAu2O6j%2FGX444fK5cbJyYcs6PPjZxtBA3s7gQGVSf0akSNfsIB5AYhKDI9%2BpvtjlMBwvEAzdt%2FIdiA%2BkZaAuD04%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8516659e68e25f5e-SIN
expires: Tue, 06 Feb 2024 21:13:24 GMT

GET
DATA 200
OK truncated
/ Frame 58AF 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E567 0
425 B 284ms
284ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-cambodia%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-cambodia%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
x-t: 1.68
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifbNdiZJBcZBm6vgz8s7k4hm8sHJcTHp%2Bn9ERj%2BnLawKvvPicFPH79s9LNGcaWAaNfX5hlivu%2Bi6j0AzuPvEGvcNvZncea6KqWRZaYf8iggtCuif32rGll6OtT3yUj0ysNw8cknw80UcjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 8516659f283b3e01-SIN
expires: Tue, 06 Feb 2024 21:10:53 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E567 33 KB
11 KB 7ms
7ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-cambodia%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1621
x-amz-cf-id: 0F426E7h-a_OcYG_R-XShJN0El0VzvRANgLh__7ejDt_zBfkThRfOg==

GET
H2 200 /
t.dtscout.com/pv/ Frame E567 0
291 B 365ms
364ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=13&_ls=21&_cc=sg&_pl=d&_b=chrome%40121&_cbid=55lc&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-cambodia%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
x-t: 0.102
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlxT8d44BxKvgdYBGBi%2FbJqDCtCIfxR1Rik0ZWn375XqgzirlWQ%2Fyz0QdwkpIIh9w9ygklFySEfnBPJ%2FZ5w0%2BstyC4q9J8uy%2FbNnOVUgKeE90wB4lUoFLXP2ZYHSMOTqTh55mD6vO%2B99hjQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516659f39345f5e-SIN
expires: Tue, 06 Feb 2024 21:13:24 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame D67E 766 B
1 KB 9ms
8ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648996
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: kZEY8GHdXRleR0KdJ8tSe-AELmS7Uy625DF4brttyP8eosJsq3LLqg==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 22AF 766 B
1 KB 14ms
11ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648996
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 03D784Y45K0ueelBtSrdyb7HQ0RMjTNIzMhtafD2MQMcomZrNLd2LQ==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5884 11 KB
5 KB 17ms
16ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78826
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8516659f6b4d40e8-SIN
content-length: 4547

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E241 0
315 B 343ms
341ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
x-t: 1.09
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVXayLWySTdPuNlHowneFscJxRhbVXbt4ymeLK4pyy99It7fk5JRnIW89qh1Qts9eUGPpLNMoP71oYULzpqkiTg2a4Lk6eXEvug9N6fFweME5rimrmsQu9KIeDRsICZVs1HAQsup%2B7Hbbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 8516659f78583e01-SIN
expires: Tue, 06 Feb 2024 21:10:53 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E241 33 KB
11 KB 9ms
8ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1621
x-amz-cf-id: KXx4cNE_fkgkJrkfa6OcqcfXm_NrrO75Cj_yOmmGJ_jC-WTQd0p_zg==

GET
H2 200 /
t.dtscout.com/pv/ Frame E241 0
307 B 366ms
364ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=10&_ls=20&_cc=sg&_pl=d&_b=chrome%40121&_cbid=25p7&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
x-t: 0.104
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLsnZQgCiXbs8d6q%2Fc5fSg%2Fr5B6z17LTeKFlK8DnM5PtmT7sK4somNCQqXgRzbWQBU2Jd6eouu7xFqlZnJcJtHHxNez16fAPbNDe3EidKw8jnS5wCO%2F8fgs3UJnLbV2KwVJLE9rY9fI7DnM%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8516659f79585f5e-SIN
expires: Tue, 06 Feb 2024 21:13:24 GMT

GET
H2

200

merge
ce.lijit.com/ Frame E86F
Redirect Chain

https://um.simpli.fi/lj_match?r=47675
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

204ms
203ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:25 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 25C0
Redirect Chain

https://um.simpli.fi/lj_match?r=75359
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

207ms
206ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:25 GMT

GET
DATA 200
OK truncated
/ Frame 2407 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 1C50 5 KB
2 KB 10ms
9ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1455
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: uIwchqUeDzNSD-2Ai3hM9LzZooO9AlRDHNib-GpoNTojd6xpFprfrw==

GET
H/1.1 200
OK 4781567.php
s4.histats.com/stats/ Frame B998 437 B
572 B 746ms
249ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-145117980&@b3:1707254006&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:26 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 8661 766 B
1 KB 10ms
9ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 648996
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: u_EMjO3Dm_5yz4egg718HAa80E3dgp2D7NUrx_Vs6uT1SBJmG-l0Sw==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 3C5B 11 KB
5 KB 23ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78826
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665a0cc4840e8-SIN
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame E9A7 10 KB
2 KB 14ms
13ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:25 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 3C5B 75 KB
76 KB 21ms
20ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225065
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665a1ec9540eb-SIN
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 4709802.php
s4.histats.com/stats/ Frame 8A1B 436 B
571 B 750ms
251ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:132967762&@b3:1707254006&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:26 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame A20E 11 KB
5 KB 27ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78827
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665a3edb240e8-SIN
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame 7AFD 10 KB
2 KB 26ms
25ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame FBEB 0
72 B 15ms
14ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:26 GMT
content-length: 0
vary: Origin

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame A7A4 108 KB
13 KB 17ms
15ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame A7A4 227 B
271 B 25ms
18ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame A7A4 2 KB
374 B 25ms
18ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame A7A4 28 KB
8 KB 24ms
15ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame A7A4 86 KB
29 KB 28ms
19ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 jquery-migrate.min.js
vip.badutprediction.info/wp-includes/js/jquery/ Frame A7A4 13 KB
5 KB 55ms
46ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame A7A4 157 KB
26 KB 18ms
10ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567718
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A7A4 30 KB
7 KB 28ms
20ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048151
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665a4199989a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame A7A4 21 KB
8 KB 23ms
15ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084211
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame A7A4 62 KB
16 KB 24ms
15ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368821
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame A7A4 406 KB
0 30ms
22ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-china/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET 4790086&101.gif
s4is.histats.com/stats/i/ Frame A7A4 0
0

GET comment-reply.min.js
vip.badutprediction.info/wp-includes/js/ Frame A7A4 0
0

GET wp-polyfill-inert.min.js
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame A7A4 0
0

GET regenerator-runtime.min.js
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame A7A4 0
0

GET wp-polyfill.min.js
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame A7A4 0
0

GET frontend.js
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame A7A4 0
0

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A20E 75 KB
76 KB 16ms
16ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225065
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665a4aeb340eb-SIN
cdn-requestpullsuccess: True

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame A2D6 108 KB
13 KB 15ms
10ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-on-of/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-on-of/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame A2D6 227 B
246 B 42ms
38ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-on-of/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-on-of/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame A2D6 2 KB
349 B 44ms
39ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-on-of/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-on-of/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame A2D6 28 KB
8 KB 44ms
41ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-on-of/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-on-of/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame A2D6 86 KB
29 KB 99ms
95ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-on-of/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-on-of/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame A2D6 13 KB
0 88ms
84ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-on-of/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-on-of/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 21:13:26 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame A2D6 157 KB
26 KB 14ms
10ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-on-of/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567719
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A2D6 30 KB
7 KB 25ms
22ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-on-of/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048151
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665a62ac289a4-SIN
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame A2D6 21 KB
0 15ms
12ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-on-of/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13084212
x-jsd-version: 1.16.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame A2D6 62 KB
0 16ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-on-of/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28368822
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET jquery-1.10.2.min.js
vip.poltar2d.info/js/ Frame A2D6 0
0

GET comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame A2D6 0
0

GET wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A2D6 0
0

GET regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A2D6 0
0

GET wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A2D6 0
0

GET frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame A2D6 0
0

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 6C18 0
145 B 324ms
323ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=20896&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 86DF3DC9F4034B04B3A4D19EC2619A80 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQye4EmxDuGG6l2XsQ==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 799A 0
180 B 252ms
252ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=11200&pu=https://vip.poltar2d.info/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 32480062BA4A4DE4BCB1F857562ACB9B Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQye2Bji6dboDDAX4g==

GET
H2

200

merge
ce.lijit.com/ Frame D426
Redirect Chain

https://um.simpli.fi/lj_match?r=2616
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

201ms
200ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:26 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 28B5
Redirect Chain

https://um.simpli.fi/lj_match?r=84678
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

202ms
202ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:26 GMT

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 6BD6 169 B
449 B 214ms
212ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 0741 169 B
451 B 213ms
213ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame F662 169 B
451 B 213ms
212ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 0B17 0
72 B 15ms
14ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://w1.bungaprediction.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:26 GMT
content-length: 0
vary: Origin

GET
H2 200 js15_as.js
s10.histats.com/ Frame 4E41 11 KB
4 KB 28ms
27ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78827
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665a6483b40e8-SIN
content-length: 4547

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame C463 0
72 B 24ms
23ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:26 GMT
content-length: 0
vary: Origin

GET
H2 200 /
t.dtscdn.com/widget/ Frame 2407 0
460 B 288ms
285ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-t: 1.15
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MI55%2BL8sGli9%2B2KdqnAC9kzOCEgO30eZR9AWH3mHxtN8FMEzmdUY%2BqgOuhZEGbFMocOaP%2BsNkZ89yvvcEz37yA8aQ9TS5BeCm5uNAAAxuP0kaMkGCoYD6iLV4SS8W10AN6BNQ1Klbyw6hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 851665a67c0c3e01-SIN
expires: Tue, 06 Feb 2024 20:19:19 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 2407 33 KB
0 26ms
22ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1622
x-amz-cf-id: gHD0ZZrI-JsG2Qz5kAs6hK3xHzNcXV7HfJxD2Kt5OZNiKM4n4Jrvcw==

GET
H2 200 /
t.dtscout.com/pv/ Frame 2407 0
0 380ms
377ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=14&_ls=22&_cc=sg&_pl=d&_b=chrome%40121&_cbid=48cd&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-t: 0.1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuCd1Owzb%2BM5AikkGt%2FCQqOuE%2BEW6vkII3ONJaSQLUYidzHWusRoTvDh3d2YzNAm1vmOARPLnjNef8hOoe%2FMfYWDX5vniuiqLEeoLsOz8Q%2BoN6ttH%2BEJWB2LCUA5%2FRrCKV4k3s1h%2FM6Rf4Q%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665a67ee75f5e-SIN
expires: Tue, 06 Feb 2024 21:13:26 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 9885 0
145 B 289ms
289ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=73772&pu=https://vip.badutprediction.info/prediksi-taiwan/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4A20966AC036401E831E6E591D3E7CAE Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQyfaor6rY6URUB5KA==

GET
H2 200 js15_as.js
s10.histats.com/ Frame 58AF 11 KB
0 18ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78827
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665a7490040e8-SIN
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame 30AD 10 KB
0 10ms
10ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 8473 169 B
453 B 211ms
211ms Fetch
application/json 54.245.71.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.71.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-71-27.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 178

GET
H3 200 wp-emoji-release.min.js
vip.badutprediction.info/wp-includes/js/ Frame 877C 18 KB
5 KB 14ms
13ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:26 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 538B 0
72 B 13ms
12ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:26 GMT
content-length: 0
vary: Origin

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame BF22 230 B
529 B 10ms
9ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame BF22 231 B
530 B 10ms
9ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 58AF 75 KB
76 KB 15ms
15ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225066
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665a7d99a40eb-SIN
cdn-requestpullsuccess: True

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame EEF1 5 KB
2 KB 8ms
8ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1457
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Gtn3IGl2Eak7L6Is60-ivifi9ZWUzOQfi9vudV89FsLZe6mGVGwe_w==

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame B639 5 KB
2 KB 11ms
11ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1457
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: GLeMklkMYsXIa1a6PwpT5WcpgWtUMGVAiStONk5SoYOWH-dMwWafeA==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 4AEB 43 B
573 B 235ms
234ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=57163

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:27 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 cc_408.js
s10.histats.com/counters/ Frame 74E9 16 KB
6 KB 19ms
18ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13089
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665ab5c3740e8-SIN
content-length: 6216

GET
H2 200 /
e.dtscout.com/e/ Frame 74E9 6 KB
0 335ms
334ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20CHINA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-taiwan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:1340892&@b3:1707254003&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Flive-china%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-t: 0.227
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvOBNBZ1w3mybJ8AEJxLOfaURup6XlwIVbP9CRvdGMwJ4Dyg32Ms2AIpDAFQWepvaoO8UIkuvt7GhfBnuA38zh8LgzeCOjth0N%2F9sboucU40cjhpwVcyonq6fRgTqbDAhsR4XV%2FL8tROFXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665ab5a615f5e-SIN
expires: Tue, 06 Feb 2024 21:13:26 GMT

GET
H2 200 /
e.dtscout.com/e/ Frame 355D 6 KB
0 362ms
361ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-155474798&@b3:1707254002&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-t: 0.869
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNJUIQlQ8%2FM7X%2F6xWTpuPSf1n62E4yClqQWWa3reIMOOmEnz7pStA75teDstZYmMZNV4OaDkfLG4YOT1m3t2zQDb31Vm3XYb5i28qNS87xs%2BKaztm5ePfGpyAwnJzW5%2FoLaeWPaC3Or3hKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665ab5a635f5e-SIN
expires: Tue, 06 Feb 2024 21:13:26 GMT

GET
H2 200 /
t.dtscdn.com/widget/ Frame AC9B 0
422 B 303ms
300ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-t: 1.35
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SP%2FfYhoGHB%2Bd%2FxdBc4GuK1AGw0QiB86URNgxF6DxRmBr2j3vzB2nCNwnkhuErvTsV6tmi0YljGd8cCJP8%2BG3MAJaaKzdHn%2FR1Lmn3YySGXsa4FReXKPZV3cm%2FC%2FiAOiunVT4FR9KYSicbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 851665ab7f093e01-SIN
expires: Tue, 06 Feb 2024 21:06:41 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame AC9B 33 KB
0 15ms
13ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1623
x-amz-cf-id: 49Pdi2Y-97p2N3je1LDkfJkIn-X8l1-HItRvNdmdXJfpcZ2E5VGm0Q==

GET
H2 200 /
t.dtscout.com/pv/ Frame AC9B 0
0 341ms
339ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=1k5shfatpr&_pv=6&_ls=25&_cc=sg&_pl=d&_b=chrome%40121&_cbid=5yqv&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
x-t: 0.091
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0WyMjGMTXAErN%2BRzFXfk29E%2BiCO8tVhu3OSMQTz%2FqAljUqZUvakhD326U95vwe7y4DyXTtkrrrRu0OWmph4idwYdD9EAcgna8MheR%2Fm8zm0cv%2FrpHGc60mU%2BohA2pV42M3NoJA8dAWegb8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665ab7a6c5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:26 GMT

GET
H3 200 cn.php Show response
rankcrack.com/ Frame 3F9A 1 KB
704 B 24ms
24ms XHR
text/html 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/cn.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 238e00796cb371bf137fbce58a9f9a19214d38cade514e2a8d77c76f5ad86d44

Request headers

Accept: text/html, */*; q=0.01
Referer: https://rankcrack.com/live-draw-china.php
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fu8AojPck0S8ZoBguZwNUYBfNgQsfSFx9jiIVsd%2Br5%2B5%2BFIMN0icnb%2BaZkKHEgl2OqWgww9SfCgBmogmRJdS%2Bj4qwcOF0YY8iLb3MwNvM23Uy5dQVzvRJhux5MLPfpN8gR6OO7gPrPNQFvYZ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 851665ab7c395658-SIN
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 3BD7 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
vip.poltar2d.info/rekap-angka-3d/ Frame C450
Redirect Chain

https://vip.poltar2d.info/rekap-angka-3d
https://vip.poltar2d.info/rekap-angka-3d/

117 KB
0

64ms
64ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/rekap-angka-3d/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/pola-dasar/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:27 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/151>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=151>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:27 GMT
location: https://vip.poltar2d.info/rekap-angka-3d/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 bbjs.js
bungaprediction.top/ Frame E9A7 15 KB
3 KB 21ms
21ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:27 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame E86F 43 B
573 B 240ms
239ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=22491

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:27 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 05DF 85 B
0 31ms
29ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606851
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: YUTb-qnhC0-UiNZaIxJZ0yLy3krpBYIYQmZ0ggYff7prBFL7AjHcQg==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 25C0 43 B
573 B 253ms
252ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=18562

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:27 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 2DA8 85 B
0 36ms
34ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606851
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: dvCAVyFh27o18nOx2xSWLo-aofjE_Zr_T60UAC4okH9id3p0RGxWTw==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame 2E16 18 KB
5 KB 29ms
28ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:27 GMT

GET
H2 200 cc_408.js
s10.histats.com/counters/ Frame 5B15 16 KB
6 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13089
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665acfcdc40e8-SIN
content-length: 6216

GET
H2 200 /
e.dtscout.com/e/ Frame 5B15 6 KB
0 344ms
342ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-3d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%203D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:46697261&@b3:1707254003&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-3d%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-t: 0.275
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tq7y3NTWm1qSnDt6oSDX6U4guqdzb6fqNhmyoVSzd7nex%2BwA7VsxTNlzULcoljW%2F2b4dm%2BwFvnWvbNnEiec7tPXS9RbUcjqh%2Bn6p8WDPVGbL2cQ6BBxrXzAfxS0RlQpob6u9WXNTeAyA9LE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 851665acfb775f5e-SIN
expires: Tue, 06 Feb 2024 21:13:27 GMT

GET
H/1.1 200
OK 4646812.php
s4.histats.com/stats/ Frame 2E16 438 B
0 777ms
266ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPOLA%20DASAR%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-china%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:158453612&@b3:1707254008&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpola-dasar%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:28 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 874B 0
72 B 13ms
12ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.poltar2d.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:28 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 0F3C 0
72 B 15ms
14ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.badutprediction.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:28 GMT
content-length: 0
vary: Origin

GET
H2 200 /
t.dtscdn.com/widget/ Frame 6DA1 0
583 B 279ms
277ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-t: 1.54
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrvaK%2FSl1X34Sf2Td7tRNCXYr%2F9pylJNADEoKKyMn39Nm8EW8PLthryGS9PXO5ehhs3YudykryrzozpMBcq3FBnjfBSQel7071tzC6rlyCj38N4NDXpEG1bDZMopcDIog6EUJF2gQW4ZPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 851665ae38df3e01-SIN
expires: Tue, 06 Feb 2024 21:16:49 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6DA1 33 KB
0 15ms
13ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1624
x-amz-cf-id: 2hpLVoyPmj4r5CJwTqd7GffDeAJ4MjkFUccaLlfAF-9InA4ld_2szw==

GET
H2 200 /
t.dtscout.com/pv/ Frame 6DA1 0
0 340ms
339ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=11&_ls=22&_cc=sg&_pl=d&_b=chrome%40121&_cbid=3l0h&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-t: 0.105
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uTtNGR6py4oks4Y8tn%2FZPTXv9%2FrAFeTW19KYAKhx02yBrXYMoFtuJdbSFZN8Tgd0HGT5vRzjhA5YVrJUqfPS%2BDhLQFCVgbZ9X3cL2xGvbkSn%2BwBUOwLpwWQj6%2F5TORjmpDCxh30sQiEMcw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665ae4caf5f5e-SIN
expires: Tue, 06 Feb 2024 21:13:27 GMT

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 60E5 5 KB
2 KB 10ms
10ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1458
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: F_aY0uSX9WNzXIUQ4Cov3sKAloaReP3fZnePPjUtRCJ-0cPO8YgcZg==

GET
H2 200 /
t.dtscdn.com/widget/ Frame 85D3 0
0 387ms
386ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-t: 1.55
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHZYAqZG8LeqN8%2BgRWLKwBOJfK%2BE9YdInD7adDNvvq3fKFPj9PJstFNJZ1E2ad5f%2BUUyx91CmusCIQD5PGi%2FHqCMaf%2BbuwVYzsz3pW%2FN%2FJXCJU9YOjQUceU3hHocGLXYni18CbXhcmnIdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 851665ae48e43e01-SIN
expires: Tue, 06 Feb 2024 20:19:20 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 85D3 33 KB
0 13ms
12ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 1624
x-amz-cf-id: pj1cR5eMJz5SPmlEVSl4k1y5EAvgcfe4KM-vU4xLg0H5Qf9rLByNPw==

GET
H2 200 /
t.dtscout.com/pv/ Frame 85D3 0
0 364ms
363ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2ch2qa2myu&_pv=12&_ls=22&_cc=sg&_pl=d&_b=chrome%40121&_cbid=2kdd&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
x-t: 0.086
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mu5YBGltoGCSgONSkkTwSnJe9Dy31bEHt1IC3eWRCjjP5VYfCCCr9Vy%2FqdJSpmR8DsoQDAvrtYxb5d26LqnU8DUPh0ssuxxmLRcYB4%2Bqz6cL8DY1hzTYLX9WBgo7ZOX5UZRb6UL8XFOW8Xg%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 851665ae4cb05f5e-SIN
expires: Tue, 06 Feb 2024 21:13:27 GMT

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 34D9 5 KB
2 KB 12ms
12ms Script
text/javascript 108.157.254.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.254.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-254-84.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 91432d5983fc87ffa38cb45ffcbbabfa.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 20:49:11 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P3
age: 1458
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: _akpvNxkMNz2SGEyaLKjr5Hgc3N7QbtpbbbzxS8l9RJZGUEE7rKdvg==

GET
H3 200 bbjs.js
bungaprediction.top/ Frame 7AFD 15 KB
3 KB 23ms
22ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:28 GMT

GET
H3

200

/
vip.poltar2d.info/paito-warna-china/ Frame 62C1
Redirect Chain

https://vip.poltar2d.info/paito-warna-china
https://vip.poltar2d.info/paito-warna-china/

274 KB
0

59ms
59ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-china/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/prediksi-sydney/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:28 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/103>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=103>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:28 GMT
location: https://vip.poltar2d.info/paito-warna-china/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 livesydney2.php
opesia.vip/iframe-live/livesydney2.php/ Frame BEA4 3 KB
1 KB 526ms
525ms XHR
text/html 2606:4700:3036::ac43:8f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opesia.vip/iframe-live/livesydney2.php/livesydney2.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: text/html, */*; q=0.01
Referer: https://opesia.vip/iframe-live/livesydney2.php/
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2j%2BIdL1XVfmDLz7Gye683iEeFeF8rXdqqVMjKERZJnmRvaTE7rEwu1foWoC8aqDhs8bRm0I4xDlUTDpsP7JghDvM%2BcUi50PW6uxRVWb2sh5nSdemj78wMPkBXi6R4G8jo%2BdGz04RQpqr"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 851665b12bfa9f91-SIN
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 4781567.php
s4.histats.com/stats/ Frame 78F2 437 B
0 487ms
429ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:156198886&@b3:1707254009&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:28 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 livesydney2.php
opesia.vip/iframe-live/livesydney2.php/ Frame A3AF 3 KB
1 KB 392ms
391ms XHR
text/html 2606:4700:3036::ac43:8f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opesia.vip/iframe-live/livesydney2.php/livesydney2.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: text/html, */*; q=0.01
Referer: https://opesia.vip/iframe-live/livesydney2.php/
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCBLsGnKJaYuGm%2BeYN2ThNUgmuNrl8ZPYRbh238c2EPSIpHlYfKA20YtgvDOhohteZIVfGpGp9h8Lb69q2ehmC9RTItXiR%2BYk0c4pIgKgsH9hW92Gdh20NLI9L%2FJ5q9K%2FYKD16haUXEO"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 851665b29def4d57-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 bbjs.js
bungaprediction.top/ Frame 30AD 15 KB
0 11ms
11ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 21:13:25 GMT

GET
DATA 200
OK truncated
/ Frame 0DB3 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4790086.php
s4.histats.com/stats/ Frame 877C 435 B
0 639ms
254ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%202D%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-ct%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-168895276&@b3:1707254009&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fbuku-mimpi-2d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:29 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4781567.php
s4.histats.com/stats/ Frame 5445 437 B
0 835ms
243ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:66222444&@b3:1707254009&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:29 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3

200

/
vip.poltar2d.info/paito-warna-sydney/ Frame A805
Redirect Chain

https://vip.poltar2d.info/paito-warna-sydney
https://vip.poltar2d.info/paito-warna-sydney/

276 KB
0

63ms
63ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-sydney/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/generator-angka/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:29 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/99>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=99>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:29 GMT
location: https://vip.poltar2d.info/paito-warna-sydney/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0DB6 230 B
529 B 96ms
95ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0DB6 231 B
530 B 96ms
95ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT sin 1
date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js
s10.histats.com/ Frame 2A8F 11 KB
0 104ms
104ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78830
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665b4492940e8-SIN
content-length: 4547

GET
H2

200

merge
ce.lijit.com/ Frame 6C18
Redirect Chain

https://um.simpli.fi/lj_match?r=82909
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

209ms
207ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:29 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 799A
Redirect Chain

https://um.simpli.fi/lj_match?r=80809
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

209ms
208ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-hongkong/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:29 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame D426 43 B
573 B 303ms
302ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=27597

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:29 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html
get.s-onetag.com/underground-sync-portal/ Frame E7EA 85 B
0 68ms
68ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://vip.velbettgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606853
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: t8LLKFaV9hLHON0rGsElIt-oePtw9J3FVxK6ZtvL1or2OHT1mwrumA==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 28B5 43 B
573 B 293ms
292ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=17348

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:29 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html
get.s-onetag.com/underground-sync-portal/ Frame C32E 85 B
0 68ms
68ms Document
text/html 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 606853
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 20:39:17 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
x-amz-cf-id: 2jXBRb1LNLLJBiw6b4OMQv23Ix8ahNJdBYBW7sOg6XAkDPezNW5BhQ==
x-amz-cf-pop: SIN52-C2
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

200

merge
ce.lijit.com/ Frame 9885
Redirect Chain

https://um.simpli.fi/lj_match?r=84820
https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB

43 B
871 B

210ms
209ms

Image
image/gif

52.39.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/jalur-shio/
Protocol: H2
Server: 52.39.166.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-166-89.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 21:13:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 21:13:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=D4142655B0634537B50E950A8DAF63AB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 21:13:29 GMT

GET
H2 200 cc_329.js
s10.histats.com/counters/ Frame 93D8 18 KB
0 78ms
78ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_329.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 60876
etag: "1331309106"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665b4492a40e8-SIN
content-length: 7420

GET /
e.dtscout.com/e/ Frame 93D8 0
0

GET
H2 200 cc_3018.js
s10.histats.com/counters/ Frame B346 18 KB
0 74ms
74ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 44493
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665b4492b40e8-SIN
content-length: 7830

GET /
e.dtscout.com/e/ Frame B346 0
0

GET
H2 200 cc_302.js
s10.histats.com/counters/ Frame 5406 22 KB
0 75ms
74ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 72184
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665b4492c40e8-SIN
content-length: 12201

GET /
e.dtscout.com/e/ Frame 5406 0
0

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame AB2A 0
72 B 46ms
46ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.poltar2d.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:29 GMT
content-length: 0
vary: Origin

GET
DATA 200
OK truncated
/ Frame E47C 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET gif.gif
zona-angka.top/wp-content/uploads/2023/06/ Frame E47C 0
0

GET
DATA 200
OK truncated
/ Frame D186 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame E86F 0
72 B 11ms
10ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.poltar2d.info/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:29 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 25C0 0
72 B 11ms
11ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:29 GMT
content-length: 0
vary: Origin

GET
H2 200 js15_as.js
s10.histats.com/ Frame 3BD7 11 KB
0 28ms
26ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78830
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665b5c9d640e8-SIN
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame 2010 10 KB
0 18ms
18ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 21:13:29 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 2FCB 0
72 B 16ms
16ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.velbettgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:29 GMT
content-length: 0
vary: Origin

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 3BD7 75 KB
76 KB 19ms
18ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
age: 225068
cdn-cachedat: 02/04/2024 04:35:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 13ad48ef0e8f3b76871e620114af065f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665b68d2340eb-SIN
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame EF1B 43 B
573 B 249ms
249ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=80717

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:29 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 0E2A 43 B
573 B 240ms
239ms Image
image/gif 3.93.89.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHkZASZHA2sVaM4OTSeOEoCk&rnd=5357

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.89.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-89-138.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 21:13:29 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 cc_408.js
s10.histats.com/counters/ Frame BF22 16 KB
0 29ms
27ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 13091
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665b77afd40e8-SIN
content-length: 6216

GET /
e.dtscout.com/e/ Frame BF22 0
0

GET
H2 200 Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 05DF 766 B
0 20ms
20ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 649000
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: A5jKxcXgCKudk3WKRpkxAT5Wc4tL4dlU5Tyx4qFqibpBmpZB8AvH7Q==

GET
H2 200 Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 2DA8 766 B
0 18ms
17ms Script
text/javascript 13.224.249.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-72.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 30 Jan 2024 08:56:50 GMT
via: 1.1 f651505f69d4004d8a3662c44e02ec6e.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 649000
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: IGi3lR44poY7enCs-YvuIExdzGh1ugp4JT8YSUKI2qohmCBLvLSXfg==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 4AEB 0
144 B 249ms
248ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHkZASZHA2sVaM4OTSeOEoCk&rand=65475&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A234F35C0B77415295623CC9A0A19D35 Ref B: MNL30EDGE0616 Ref C: 2024-02-06T21:13:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvQzJaBwohA2hYSAGeg==

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame C450 108 KB
13 KB 24ms
19ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 21:13:29 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame C450 227 B
246 B 43ms
38ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 21:13:29 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame C450 2 KB
349 B 44ms
39ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 21:13:29 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame C450 28 KB
8 KB 54ms
49ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 21:13:29 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame C450 86 KB
0 26ms
21ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 21:13:29 GMT

GET jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame C450 0
0

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame C450 157 KB
26 KB 17ms
12ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 21:13:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27567721
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-qpg1262-QPG
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame C450 30 KB
7 KB 29ms
25ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 6048154
cdn-cachedat: 10/31/2023 18:57:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 07de8683d1e6c489d49780055a5eb78f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 851665b7cd7289a4-SIN
cdn-requestpullsuccess: True

GET popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame C450 0
0

GET bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame C450 0
0

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame C450 0
0

GET comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame C450 0
0

GET wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame C450 0
0

GET regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame C450 0
0

GET wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame C450 0
0

GET frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame C450 0
0

GET
H2 200 js15_as.js
s10.histats.com/ Frame 513F 11 KB
0 20ms
19ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 78830
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 851665b87bc140e8-SIN
content-length: 4547

GET
H3 200 wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame A20E 18 KB
0 17ms
16ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/prediksi-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 21:13:29 GMT

GET
H2 200 /
t.dtscdn.com/widget/ Frame 0DB3 0
0 306ms
299ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01707253979BCFF8072BEF59FBE4F&nid=300&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-china%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-china%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:13:29 GMT
x-t: 28.09
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wb4XCF0Rtc84nnNL%2FL8MEBfqV163dZFmRlqMW1w7gSBLSZQir36j8CBaqgobUfffvDRaiA44HGUHkvZzvGN%2Bode3ilDT8E8t9IdhHNc8R50rfzgE%2BEVwzGYlYAuw36fFld9Ay4RkqoZTqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 851665b89f683e01-SIN
expires: Tue, 06 Feb 2024 20:19:22 GMT

GET tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 0DB3 0
0

GET /
t.dtscout.com/pv/ Frame 0DB3 0
0

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame D426 0
72 B 18ms
13ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.velbettgroup.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:29 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 28B5 0
72 B 16ms
15ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 21:13:29 GMT
content-length: 0
vary: Origin

GET style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 62C1 0
0

GET cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 62C1 0
0

GET sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 62C1 0
0

GET style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 62C1 0
0

GET jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 62C1 0
0

GET jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 62C1 0
0

GET bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 62C1 0
0

GET font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 62C1 0
0

GET popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 62C1 0
0

GET bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 62C1 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: zona-angka.top
URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif

Domain: zona-angka.top
URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif

Domain: zona-angka.top
URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif

Domain: ad.mrtnsvr.com
URL: https://ad.mrtnsvr.com/sync/lotame?redirect_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D14701%26tp%3DMTAI%26tpid%3D%24%7BMARTIN_AI_ID%7D%26gdpr%3D0

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0

Domain: geo-um.btrll.com
URL: https://geo-um.btrll.com/v1/map_pixel/partner/66.png

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?source=lotame

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_DhvDCpkIgEeBZME6OIEURdUUtmEF9sTWy-3zmRDrV-mQos/s25/on-1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_DhvDCpkIgEeBZME6OIEURdUUtmEF9sTWy-3zmRDrV-mQos/s25/on-1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_DhvDCpkIgEeBZME6OIEURdUUtmEF9sTWy-3zmRDrV-mQos/s25/on-1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: zona-angka.top
URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Domain: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Domain: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_DhvDCpkIgEeBZME6OIEURdUUtmEF9sTWy-3zmRDrV-mQos/s25/on-1.gif

Domain: s4is.histats.com
URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101

Domain: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Domain: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Domain: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Domain: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Domain: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/js/jquery-1.10.2.min.js

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&j=https%3A%2F%2Fvip.poltar2d.info%2F

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F

Domain: zona-angka.top
URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-cambodia%2F

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Domain: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js

Domain: t.dtscout.com
URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=2lo14e4fr9&_pv=15&_ls=25&_cc=sg&_pl=d&_b=chrome%40121&_cbid=39l3&_cb=_dtspv.c

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Domain: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

84 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i6.liadm.com/s	1970-01-20 18:57:25	Name: _li_ss Value: CgA
i.liadm.com/s	1970-01-20 18:57:26	Name: _li_ss Value: ChMKCQj_____BxCdFwoGCN0BEJMX
vip.disksusiangka.info/	1970-01-21 02:59:49	Name: HstCfa4710812 Value: 1707253978726
vip.disksusiangka.info/	1970-01-21 02:59:49	Name: HstCla4710812 Value: 1707253978726
vip.disksusiangka.info/	1970-01-21 02:59:49	Name: HstCmu4710812 Value: 1707253978726
vip.disksusiangka.info/	1970-01-21 02:59:49	Name: HstPn4710812 Value: 1
vip.disksusiangka.info/	1970-01-21 02:59:49	Name: HstPt4710812 Value: 1
vip.disksusiangka.info/	1970-01-21 02:59:49	Name: HstCnv4710812 Value: 1
vip.disksusiangka.info/	1970-01-21 02:59:49	Name: HstCns4710812 Value: 1
.dtscout.com/	1970-01-20 20:38:13	Name: df Value: 1707253979
.dtscout.com/	1970-01-20 20:20:57	Name: l Value: 51A01707253979BCFF8072BEF59FBE4F
.disksusiangka.info/	1970-01-20 20:19:30	Name: __dtsu Value: 51A01707253979BCFF8072BEF59FBE4F
.dtscdn.com/	1970-01-20 22:31:59	Name: uid Value: 51A01707253979BCFF8072BEF59FBE4F
.onaudience.com/	1970-01-20 18:15:40	Name: done_redirects147 Value: 1
.onaudience.com/	1970-01-20 18:15:40	Name: done_redirects219 Value: 1
.onaudience.com/	1970-01-21 02:59:49	Name: cookie Value: c7d98620ff8ab6e8
.adsrvr.org/	1970-01-21 03:01:16	Name: TDID Value: 007f78be-91e5-4d54-8874-1e9e2f52bb83
.crwdcntrl.net/	1970-01-21 00:43:01	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-21 00:43:01	Name: _cc_id Value: 5770c95a28a2ab6f3d35c00d854d7c07
.lijit.com/	1970-01-21 02:59:50	Name: ljt_reader Value: IHkZASZHA2sVaM4OTSeOEoCk
.onaudience.com/	1970-01-20 18:15:40	Name: done_redirects104 Value: 1
.onaudience.com/	1970-01-20 18:15:40	Name: done_redirects282 Value: 1
.dtscout.com/	1970-01-20 18:14:18	Name: m Value: 5
.dtscout.com/	1970-01-20 18:14:28	Name: oa Value: 5
.bluekai.com/	1970-01-20 22:36:18	Name: bku Value: wXT99BIQyZDnS9G1
.pro-market.net/	1970-01-20 22:33:25	Name: anProfile Value: "kt6sr3p0r6bd+1+4=81+1f=1+1g=1+1j=h:3e+rs=s+rt=20010DF10800A00A0012000000000008+s0=(10)+s2=(s8gdlt)+vm=19-5770c95a28a2ab6f3d35c00d854d7c07"
.c.cintnetworks.com/	1970-01-20 18:14:17	Name: TiPMix Value: 53.72755646239805
.c.cintnetworks.com/	1970-01-20 18:14:17	Name: x-ms-routing-name Value: self
pool.admedo.com/	1970-01-21 02:59:49	Name: tuuid Value: b2bc014c-da63-4f13-b0a8-bfe2963f7de9
pool.admedo.com/	1970-01-21 02:59:49	Name: c Value: 1707253985
pool.admedo.com/	1970-01-21 02:59:49	Name: tuuid_lu Value: 1707253985
.smadex.com/	1970-01-21 02:52:37	Name: smxtrack Value: 47ce4017-f6a1-4366-a1a4-65aebd2c6d66
.smadex.com/	1970-01-20 18:35:49	Name: smxdc Value: 1
.agkn.com/	1970-01-21 02:59:49	Name: ab Value: 0001%3Aekw030mKIodU9Hg3WCE1YZqTndN4VcvO
.doubleclick.net/	1970-01-21 03:50:13	Name: IDE Value: AHWqTUkvtDlMknmAAZinzZvsiOnamzwEKvC5XIaAdy0nm6HDPWpedoZs_fxd4_cS764
.shareaholic.com/	1970-01-21 03:50:13	Name: c_id Value: ac85a7e1-b596-45ef-a13b-b758abcf1818
.adnxs.com/	1970-01-20 20:23:49	Name: XANDR_PANID Value: j3-J_uUH4KAa9YexAPQEdLsL9xv9ppuOivfI9pOC7H_Hd6lQRBpS-C-SOfoggxTNGKJvfzl28Z9YoC7LK5k7BFc00HVkZafp62ymgAIcbxg.
.adnxs.com/	1970-01-21 03:50:13	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:23:49	Name: uuid2 Value: 7381708761601567904
.liadm.com/	1970-01-21 03:50:14	Name: lidid Value: 81a4022d-2b4f-4aa6-9cfa-7936ff54462c
.linkedin.com/	1970-01-20 20:23:49	Name: li_sugr Value: 2d6a6042-b127-4b9b-9adc-acbb2bee529e
.linkedin.com/	1970-01-21 02:59:49	Name: bcookie Value: "v=2&e8a28342-9ef2-48cc-80dc-946236610b6a"
.linkedin.com/	1970-01-20 18:15:40	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3086:u=1:x=1:i=1707253986:t=1707340386:v=2:sig=AQHjkn_n9END6G4o57QEmgrofFUgQCsE"
.rubiconproject.com/	1970-01-21 02:59:49	Name: khaos Value: LSAUXYPF-1R-2KY1
.rubiconproject.com/	1970-01-21 02:59:49	Name: audit Value: 1\|LNyV808LBMp8wjj3c/aREUoUXwotbk9pdx15rCqJHUJx1g1ygpCGvp5rN9dDHRa754CAKLSLS8ZBK03vAHceENBQIIuieds98059S67dZ9hCd0sDu5Gae/Gbrz3jZLWFmjdSyQvWef4uyyPryAUdXc2O8qCVR0N4qoxmw57vRqc=
.thrtle.com/	1970-01-20 23:02:13	Name: mc Value: eyJpZCI6IjUxMjUyZWY4LWNjMmYtNGIzMS04OGM1LWQ0NGJhMWI4ODFiMCIsImwiOjE3MDcyNTM5ODYyNDYsInQiOjF9
.everesttech.net/	1970-01-21 02:59:49	Name: everest_g_v2 Value: g_surferid~ZcKg4gAAAeT8dABj
.rlcdn.com/	1970-01-20 19:40:37	Name: pxrc Value: CAA=
.aidata.io/	1970-01-21 03:50:13	Name: __upin Value: 1BLOHctFpBymXWqzn5VZOw
.aidata.io/	1970-01-21 03:50:13	Name: __upints Value: 1707253986
.smadex.com/	1970-01-20 18:35:49	Name: smxltm Value: 1
.id5-sync.com/	1970-01-20 20:23:49	Name: id5 Value: 7544a4a0-e05b-71e4-9550-9197651e2c38#1707253985976#2
.simpli.fi/	1970-01-21 03:01:16	Name: suid Value: D4142655B0634537B50E950A8DAF63AB
.smadex.com/	1970-01-20 18:28:37	Name: smxbds Value: 1
.bidswitch.net/	1970-01-21 02:59:49	Name: tuuid Value: efdcc23d-3711-4e7d-9744-d189fecb6de8
.bidswitch.net/	1970-01-21 02:59:49	Name: c Value: 1707253987
.bidswitch.net/	1970-01-21 02:59:49	Name: tuuid_lu Value: 1707253987
.turn.com/	1970-01-20 22:33:25	Name: uid Value: 4115501602503884086
.tpmn.co.kr/	1970-01-20 18:57:25	Name: bidswitch Value: efdcc23d-3711-4e7d-9744-d189fecb6de8
.lijit.com/	1970-01-21 02:59:50	Name: _ljtrtb_2 Value: D4142655B0634537B50E950A8DAF63AB
.tpmn.io/	1970-01-20 18:57:25	Name: bidswitch Value: efdcc23d-3711-4e7d-9744-d189fecb6de8
.sharethis.com/	1970-01-21 03:01:16	Name: __stid Value: ZHGABGXCoOQAAAAILwPMAw==
.sharethis.com/	1970-01-21 03:01:16	Name: __stidv Value: 2
.adform.net/	1970-01-20 18:55:59	Name: C Value: 1
.adform.net/	1970-01-20 19:40:37	Name: uid Value: 8098201450707067519
.bidr.io/	1970-01-21 03:42:43	Name: bito Value: AACl-E7LhUIAABPXK-wwqQ
.bidr.io/	1970-01-21 03:42:43	Name: bitoIsSecure Value: ok
.postrelease.com/	1970-01-21 02:59:49	Name: visitor Value: 7f89f535-67c9-4f00-9c52-fc31dff4d3ec
.postrelease.com/	1970-01-21 02:59:49	Name: status Value: 0
.crsspxl.com/	1970-01-20 19:39:54	Name: uid Value: 3988161765251172743
.crsspxl.com/	1970-01-20 19:39:54	Name: uuid Value: bc19dc20-4fd5-47ae-8cd1-3591df2715ee
.sddan.com/	1970-01-20 18:14:14	Name: techcookie Value: 1
.sddan.com/	1970-01-20 18:14:15	Name: newu Value: 1
.sddan.com/	1970-01-21 02:59:49	Name: SDDAN Value: 20240206_3675dd77bf89f6fce129495fda98604f
.id5-sync.com/	1970-01-20 20:23:49	Name: 3pi Value: 224#1707253987463#2131112751#4115501602503884086\|321#1707253989813#1369042230\|2#1707253987043#248896406#7381708761601567904\|322#1707253989813#-902032043\|19#1707253986381#-27143591#5770c95a28a2ab6f3d35c00d854d7c07\|264#1707253986716#88904681#007f78be-91e5-4d54-8874-1e9e2f52bb83\|136#1707253989303#630169925\|121#1707253988544#1311634476
.crwdcntrl.net/	1970-01-21 00:43:01	Name: _cc_cc Value: "ACZ4XmNQMDU3N0i2NE00skg0SkwySzNOMTZNNjBIsTA1STFPNjBnAILUQwtevPv%2F%2Fz8%2FiAMGfD0PHsgwnmVk%2BM%2FIyLD3MoK9E4l9eT1CvO2LJcufIJDyD2BNe7RA5EdZsAHnjx5ixi37c%2BMUFtyyl049YsMtu3vfZQHcsh8a7gswobjk8OI5eOx6twSf7PPz6rit%2BnXnmwpuWQDlq4U8"
.crwdcntrl.net/	1970-01-21 00:43:01	Name: _cc_aud Value: "ABR4XmNgYGBIPbTgBZCCAHYGBq4ZYOaiVhDJqDUbQs0CUXzuDmDew3oQxa%2BzH0gCADwyCPs%3D"
.lijit.com/	1970-01-21 02:59:49	Name: _ljtrtb_5001 Value: 5770c95a28a2ab6f3d35c00d854d7c07
.lijit.com/	1970-01-21 02:59:50	Name: ljtrtb Value: eJwNysERgCAMBMBe8vZxJBwBfzBoHwhjE4696773EZVdegxRE9mQLNK8EUchau71TFabbEIg%2FJPumIVD89BxpduWcQIrMy6fcHk%2F83QTRQ%3D%3D
.eyeota.net/	1970-01-21 03:01:16	Name: mako_uid Value: 18d80448fd2-22a300000108425e
.eyeota.net/	1970-01-20 18:14:14	Name: SERVERID Value: 16990~DM
.adsrvr.org/	1970-01-21 03:01:16	Name: TDCPM Value: CAEYASABKAIyCwiO9Zyr5djTPBAFOAFaBmV5ZW90YWAC
.yahoo.com/	1970-01-21 03:00:11	Name: A3 Value: d=AQABBOygwmUCEN4los4nljF53l1WSqa7swMFEgEBAQHyw2XMZa9E8HgB_eMAAA&S=AQAAAuXO6konGqy-Lv7-87DY4OA
.analytics.yahoo.com/	1970-01-21 02:59:49	Name: IDSYNC Value: 19cl~2glx

2143 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://ad.mrtnsvr.com/sync/lotame?redirect_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D14701%26tp%3DMTAI%26tpid%3D%24%7BMARTIN_AI_ID%7D%26gdpr%3D0 Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://geo-um.btrll.com/v1/map_pixel/partner/66.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://sync.search.spotxchange.com/partner?source=lotame Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://vip.poltar2d.info/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://vip.poltar2d.info/pola-dasar/ Message: Refused to execute script from 'https://vip.poltar2d.info/js/jquery-1.10.2.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://vip.poltar2d.info/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://vip.poltar2d.info/generator-line-angka/ Message: Refused to execute script from 'https://vip.poltar2d.info/js/jquery-1.10.2.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://vip.poltar2d.info/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://vip.poltar2d.info/pola-dasar/ Message: Refused to execute script from 'https://vip.poltar2d.info/js/jquery-1.10.2.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://vip.poltar2d.info/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://vip.poltar2d.info/pola-dasar/ Message: Refused to execute script from 'https://vip.poltar2d.info/js/jquery-1.10.2.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://vip.poltar2d.info/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://vip.poltar2d.info/pola-dasar/ Message: Refused to execute script from 'https://vip.poltar2d.info/js/jquery-1.10.2.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://vip.poltar2d.info/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://vip.poltar2d.info/generate-bbfs/ Message: Refused to execute script from 'https://vip.poltar2d.info/js/jquery-1.10.2.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
aa.agkn.com
ad.mrtnsvr.com
ad.tpmn.co.kr
ad.tpmn.io
ajax.googleapis.com
ap.lijit.com
audex.userreport.com
bcp.crwdcntrl.net
beacon.krxd.net
blogger.googleusercontent.com
bungaprediction.top
c.cintnetworks.com
cdn.jsdelivr.net
cdn.lijit.com
ce.lijit.com
cm.g.doubleclick.net
cm.smadex.com
cms.analytics.yahoo.com
code.jquery.com
connect-metrics-collector.s-onetag.com
d.turn.com
data-beacons.s-onetag.com
dis.criteo.com
dmp.adform.net
dtsedge.com
e.dtscout.com
fei.pro-market.net
fonts.googleapis.com
geo-um.btrll.com
get.s-onetag.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
jadserve.postrelease.com
loadus.exelator.com
map.cookieless-data.com
map.sddan.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
onetag-geo.s-onetag.com
opesia.vip
pixel.onaudience.com
pixel.shareaholic.com
pool.admedo.com
ps.eyeota.net
px.ads.linkedin.com
rankcrack.com
rtd-tm.everesttech.net
s.w.org
s10.histats.com
s4.histats.com
s4is.histats.com
secure.adnxs.com
secure.gravatar.com
spl.zeotap.com
stags.bluekai.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
sync.sharethis.com
synchroscript.deliveryengine.adswizz.com
t.dtscdn.com
t.dtscout.com
tag.crsspxl.com
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
token.rubiconproject.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
vip.badutprediction.info
vip.disksusiangka.info
vip.pangkalanhdgroup.com
vip.poltar2d.info
vip.roomangkasa.top
vip.velbettgroup.com
vip.zona88.top
vip.zonafantasi.info
vip.zonaprediction.com
w1.bungaprediction.com
x.bidswitch.net
x01.aidata.io
zona-angka.top
zona-bermain.com
ad.mrtnsvr.com
ajax.googleapis.com
blogger.googleusercontent.com
cdn.jsdelivr.net
e.dtscout.com
geo-um.btrll.com
get.s-onetag.com
maxcdn.bootstrapcdn.com
s4is.histats.com
sync.search.spotxchange.com
t.dtscout.com
vip.badutprediction.info
vip.poltar2d.info
vip.zonaprediction.com
zona-angka.top
103.43.90.21
108.156.133.109
108.156.133.90
108.157.254.84
13.224.249.16
13.224.249.72
13.227.254.7
13.228.126.19
141.94.171.213
141.95.33.120
142.4.219.198
15.197.193.217
151.101.66.49
158.69.254.144
172.96.191.132
172.96.191.134
174.129.90.144
18.155.68.81
182.161.73.146
185.84.60.23
192.0.77.48
2001:df2:a300:bbbb::136
212.83.160.162
23.207.181.216
2404:6800:4003:c03::84
2404:6800:4003:c06::5f
2404:6800:4003:c1c::5f
2600:1901:0:8eee::
2600:1f18:ed:550a:894d:5a43:421:a533
2600:9000:2753:4a00:1a:609a:6780:93a1
2606:4700:10::6814:4f63
2606:4700:10::6816:3262
2606:4700:20::681a:d3c
2606:4700:21::8d65:780a
2606:4700:3033::6815:e31
2606:4700:3036::6815:db7
2606:4700:3036::ac43:8f7f
2606:4700:3036::ac43:a392
2606:4700::6812:acf
2620:1ec:21::14
2a04:4e42:200::300
2a04:4e42::485
2a04:4e42::649
2a04:fa87:fffe::c000:4902
3.160.188.29
3.214.45.232
3.66.124.228
3.93.89.138
34.102.166.132
34.232.140.51
35.162.162.179
35.213.12.39
35.230.38.116
35.244.154.8
35.76.19.218
50.16.197.56
51.158.28.82
52.187.52.94
52.27.127.217
52.39.166.89
52.77.105.252
54.245.71.27
54.251.140.206
54.95.222.155
69.173.158.64
74.125.130.155
85.187.128.38
89.108.120.76
99.83.181.31
00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
02b193c454ae90e3db037af742f2fbc98c2e1adaa8e43f1133a1c472ab437525
02cc4093ce906ac596cd4ff4bfb895a9b197c61a98508c5b6a69d6729286761a
038125817f7c1d347865952503775e536f045b1888d79a3ca72aebb11aaf2e95
046ae83e54f2cee93f8fedd6f77d51f475f9fd0864a10303dab2a36c6c4e1a3b
04750f0bf51a55ec34ff64445f0fee551550377d1cc8a09e485cd78dc5f27755
07248bbd5125b2a47f9906fa744ab093cdbc86071fd966731f42bf18fc10c33a
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
08c31802f0c5aba412bd6630e9b1614cfdc2d8be2ea31960c43cc417d3a80196
08e32e2771c1c7e774b70eedb3a09bbbfa232937feae7de416e7a90853922b11
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09979e17fedcc151a6bfd3d1257030d6008b4e3329b022b618480008aa53d36a
09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3
09c6250ce7382f99a996801f40be71f972e3bb9705b15b2dfca665860bc29f5e
09e586e201b74726d54719f55abcce9d08f96feb7c8c1ef33256097f4f865cfb
0a7a6aef2b676b67676d0304572b5e330480a906c455a8157ffd3f95a082c946
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b06ca55c1eb4674bf666bee6cd0193d8e72d3ed8535b7b5df6160e0391d84fc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e464e1c6f699fb837c3f0168169dd1a2564765cdecb33a17c349f9088cb7aac
0f4994428821c42af72d0508df18a609b56c3c635c3a128776c1a2e0763a3f97
1031c7d12671b0e4ba21ba236f1cadb8f64a96e4d887de61b0719257990ad440
104849980441dc32ad008fbeda42f6b98aab1e386fd9d1076563736e43b0dadb
11185f2195e02415011e74251233e377b156e28dadfd626be19c50016561d7ad
1259bd6af9ec9598817124ee0e150fb1a05b53d962895069a67ea1fe4af5032d
12b5962fdfb855cce00a56ffd83ae9fe3a7e71fd1648b19a65f54c2d207e2610
130640d6a63e2fbe7054453ac6d567707cec9e2ee2e5d19b6431671a9b79eb77
1307d7d34cfe2b79f354be46d018f0299dee1f562bd714b2dea08a2459d5b2b8
142284b9a017c0b092cfb84bc4aa01eda7b05c3a076ae5a785fd403c78650620
14a05becc09270edba4b51cd19df0b22d893587d7657b848c14df1f085e8516b
14b961b449622cc9905f961164f6a4411387b42e823abaa550f4e29204c5f5e1
15aa06b5674798218496d39e33badc812b7886c0e84b8e96a5a87ffe1b025706
16e8c152b108be27b4acf6d88ba839b67fc6164d55a5d2bde318d4277e33d644
1806364a2a2c9d2420626b73c07fc28d00e1cfe9eb512ff39e7ae9d5477e00af
182e7ec070c9d4e820a201365129286245a30304dcb3eb58356d460ef018485d
1862cbc949968acad1d272ecc52e35eebb6f905994741e300129400171af2feb
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1d9a92f7ecc3e9444a73ebc62f8e8a9ec3f85553fad9dad37c30486c2e090c59
1e00718e909000e3e12ff00a6dda19dac5b1ebbfb91f8dc37cbcb6c3dc790789
1e54de865f2e77bcdbefcb5c2bae3d2042f5ddffced2178c210a5a043e3af22e
1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315
1fc38d83d1b3a0c1618808c64468640a3ea2cc5598ae22b38a81cb3857603b79
2008023d6a4f8e6b62313df41fafc84201fe6de1fb2b43076619dfc245528fad
2254c582ca5d88d3061a726b5e179fa7381b75666b8fecd7cf66109267152d36
229db54085cf76b43890df9f5f316b175c1151f3fdf6e7fbbaee39fbb986913c
2355c0718f4855e3d2c2488eb10acad260e2911bf7b87a7219d706fc431014d3
238e00796cb371bf137fbce58a9f9a19214d38cade514e2a8d77c76f5ad86d44
24f3487afd7d51ae97535ec4e19613f6e0d8e9faf0fde31c86da0d2a756606b3
253b8cbda7d29e9fae09974fcc3a4700eda45e8bf59a07df24237e5f254b6401
2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60
28cf2a34f3fc95ce2c4826b99dd7ffdab889d1a7cccca77f70772f2b0fdc671e
28e412b7f4102bc5be898433e7787f7ff64620ff003a0d7f9c6086f9e8ea0bd2
297ca5dd9c836976e24d238428afe02f4eb989884e11da8a872d91da943436e9
2a6737fae63e5430f512fea02de2f309390b6640591b507a787109de9608d018
2a7c3271c7be094b18da1806d3105dbf933d12d32627a0dfefeef7837bcba00e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620
2c43a255e95fbdf338309f6c22ac82b0d7fa1a37ee9c97caf5e40d3fed96f8ad
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f909540c04c567a95aee6133b7457d4d323551ab782a9d0aac538a023642c9b
319d6c1ad63b93da1b020b7962ed28d1aaf3f90efa8f2ae744ad675739e66fd2
324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3486af1efae5988985567501879201075febf077d1f394ce83eab3319fb210ab
35003430f8e39078c9a00375d5611e004a8d187f4d4cbd16bb8dddbf340bfd21
35e43b56fadbb99e265ebc3187f0d0931cd4e593f3e2ad757c04423a20d5e08d
36c3e6523a4f20a713648bef88538c856455d6abf908945ad24f0f663c2d09e2
36d8fd6d83c34a11ab4a26ea47a3e16bb9e0f1d7ebed1caa396fbeb9f532b88e
38d170f89cdc907197874054154fc4c6005d78bd7bf77d96c290b6d401275256
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
39e100dfa5332858e556bf66e8236cf4cd7a89ccadc3fa4312ae9a447fb33ecf
3b3852caf0fb7aa918b99dd568c89ee31af5f0ea92e23fea31f00edb8d6bcf92
3b7029d0297000e76c78bd954655a0e38071a58c03bfe26dc631e7747c7d4751
3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d
3dd9bab6b70d97ac3b4d04e6f0a4a097db2f7637a025f1c7fbe7423498c179ac
3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b
3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755
3fb574ba0087738e2662388a3f51043e2d9010322bc48390a0a34e1ce588fcac
41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10
442e96bb230c50facdca3ef284ad4a247b89ffac2b1040de9e416c8b9a6cdfd0
444b3e871270007bce4b3e0ed2f9aa767ae0eb7be5aa6b60f2391ca0d543f2b0
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
459aac02eacc758c58d2059cf00decf5b6fdacad8ea6a4a3ecb404a316857a78
45f127295d4b528f370c2500927e3ad7428db89b7035ca7c020a01639fbe64bd
45f9a09217433a0218952593cd0fb68a7ff5bd67203fcfc375666e3e746d97b5
46e783cb4dac1e26d0b09081e9f5dfa24784153e5e2131c9aa6f72d3ab8f4869
47ec6f53300002723b725ad28258ad9022cb54fa109f0e69897d71763435899b
49a3494c37f14af1a6e4fd2b12673e45f1b9a167eed81aeffe39bb983ce4e6c7
4a36cde30fc9ed0494a18b7c62f36e9aa38a1fcbe0b05eea48b4858ee04a42b2
4b13e52f7d273fbc097b767fd5519d6a7a89fa360960e3bf6eb2fb2a0b2ef01a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45
4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
56323f92e75963cb7320e57cc6a0b7277918c3d813ebb9997760a45a5f15c651
5800f2ab7d41d8c2917b85c61a643febbb863f672d077201d23d88d6c0874856
5837a99ae2084c0efa8e2f5731a515a0f664c82c87929f92e899484c86512031
5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9
5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde
5a01e5639db4d9856d75677e2942b3353dbe7c287da34ffa20b95b3004acb2ce
5afd0fe0ee766eb3391e75a5e967062a67f3ca611eb51fc7f54d769ab3065c61
5b4ddacc726bbd0260a6610faa5eee60918e30e5038fa44a1a699988d0e62663
5b812c2c30ed148a44c8cff95541183e3e9f97c38f0e6d87076eec9ee7f57e72
5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8
6078aa8276c25b85bde49466cd4a096d190b87fd1c74612922d9d4ed3175e8d6
60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045
6103421bd04418c028aca18be8a8bdcdec1a4adb5ddf55d4df7b1a1b8091cfb2
6175152bd8c322d14c8fb879a6cfce83b58f1f97bcc4f7cdc4a59f668c25438b
6180afbd70e2eb56fcaa48cdc90cfd02601557035def0183b3d8b6a2b660d6f7
61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271
64e1f0895d08d89e7637dc80c8fc225f0b396445c667af55d3f8b8d10776d249
64edaa6d2ebde84b4473d98ba5895d7f4a46e360717b806a0854204f6c7bdc9c
65470175409bc240f81a829e2f6516ec88c4eaabadb98164f5e4cefa7c7e6852
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6829299e2c29c2b88d1f6024531303284c0460a6a222aff4e3e465f65e398412
683294a1c4a07185d893da8b83b7558b527a3b37d651a9709c5306d5c88ccd3f
68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda
68b88582ef21aff042c94869d7d3b794d8c1a087b7f100af3d09648176e7bb99
6999d8104b1cc4f4bed2b7a2cebcaec2731cacbcd75647c2b2fd52788b096d71
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6da55789d39fc24c0fcef28e6fca1f32988c00cb0aadab8df57a5ee3395f8830
6e389c1615870f65a3f68aa47dc6415511bc8dfe68a98358243f09819ddc9d31
6f046fa84ac92d5da5d0a76ad78b2f33f2237c7e0ee5075d79b579b87c6970e5
6f62ac9fff6ec21e48f752d02d0aa9faa3e7f6275ccce54216ae6520b1848d2c
6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f
6faef2a9122a84c8ef399b819a303ed612e3aefded8e5dfca6419bc9a2677de3
7043a600b489efe3a2498c4f449b9c9cc59a5e9d5a9b26953582c5c9f2ff61ef
7437a158a1955c5377fcfe87d2f824cb0552e91bb895ef42c06f7a62c43ce9b0
75c9c37afd683ccdc44fe196f9453bb2e9d54eaeef1db248eed961b91920ed5f
75dbd7296a0cf297d536c6436a2ff7251fec6afcc0e0291bc6a207422b2fbfdd
76fbbd5de8b8380ddd9a282963f0da9397555e7ba8f447f78ca3d59030523729
7854917b34d06d776633ed501e94c7df77a68287259e4009439eb49cfec92f94
789b226b25971d16ffeb5c6b51feaba8bc833d9179136489936bcd6609f710fb
78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2
792aa0f231a00bd80c22e4ff67396683317471c2626601623b5f00a1aab7fe63
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a49a3241e724334d82624950df463e81ed829057eace112fdd27592a6ae018d
7a74debf44986df11f9aa76658fba794335514266550e691c312d9ce6e7fdb3c
7c5f5e4cc65ff6973a93828af6d174b05cb4ed40dad7f8c09ac5c0ed1d53f252
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
82471bbceadaf52781fd5409b5a82f71d31ff5cd19171cf46df469af10ac413b
830e40006d33d3bd5f470e7db7e00429961132cf76e7a0af6c9db21392a5f3ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f40cecaac1f1f73f92aa4e24e4492619783951bfd5039e0613bd15f1a68d8e
85a8c6d153a4b5f00aac6fda2211fe5aef9b64d3ad7cc639171d3f1285f6f2b9
87e4ee75c9f4f01d4ff65df767333143ec7149b9d31de45b84a4a885a74365ae
887e3a4782f6ce4211179fe7cd16687b8f4ac3bbb72807beec77aa8370e96520
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8afd8132abd29ec4f4e38e5088bc5cce3b8c65a97439a0f6cacfcf7975b9d144
8e02ac2fe31db1f9e6240716552f22ddfec82fa94d717f80e1e2a98a62d661b4
8e309a06cfecd7e8cd1a60f803f6d92b4c9e16c55021bea05b073ac0924fca9e
8e960c32bd5c77e745800b354a8f6a3e129b45ef5285f2efa481ddbe62e67b27
8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788
8fa6ed10e30b53fd43271d009e1e6284aabb280faab333dc7dedf200c5d7bd5e
9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f
91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc
914c343404224efbc142074a3964c557ec6052798ffa2481de336216b82b2cd9
9162e03712f096c43bb7b43526e6c1c69942128932d24574b642c0f529b0aaac
92058466e95b4fb7d604972ddb055d7f9513afaabdb936886991de7b494e3d9f
9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93
92d3b285dc9812d04e951429cf430ebbd14cfa07e452ebe080348ce9d7eb6a3e
92e40f30447b071714cf1cdf5039293c0cd4bbc0d2f793b7f2fe3a7cbe88a0a4
92ee0942e99bc928aa018d4c21216cc548baa5af77cb0c323052988d4701dc74
956a07e528dc44c3ecb772fd130c1a63c71f7394bf3338c86ea92ff4ab50fce9
96336072f7244dcb6319b29cd64a8e4e763a603a3cfd49d8a0d1f7d3d089e5d9
963dc880d03e841ab5565b47af9e03b1a5132d5d34b3221bfec3f85b7e9a0c9c
98ce77bda889fb1c90b91b9f035a09563ed0a0ef0ad253abaf087d1b6747d27a
9ab92359d24e94117f50fd55858832e8adc3905bea4b4e23cb43d239438a9d3d
9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f
9ca55f13da599130ec901a8961c5925a61c1f17d28bf83731e417b4bcb8b3f01
9e2702287b43ab10f360b1f361c1a89f6ff47aa8e790ae72dcd15601731ef86e
9f1c863ff6615e6d7cb30c4cd5aee2db27f04ded076b0b88c8312dfe9b862763
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c501601874be315e0cb0190cd5fffb7a323247e9bddc0b5d225d8eddbf7b2c
a1e0d9b77be29f4f8c5bd2fed60d5b18131838604e154273c379b1e931d020b5
a29edc6ce037f547367624f31d091bad2479e96cc965ee2cf6e480069c5d66b5
a2b9d983b8b1617a3f1db85849d047987875774dac56864c28b4b687a1c53ba6
a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639
a4f09d02b6820063afc04d9fa999acdfc29c7674e778c610ab7ab985e0b67f1b
a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2
a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4
a787e546ae2354253ff52dd4141c46eda05b0651a4dd5bfe4b614cf5e35ac2c1
a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
a91356cedd62ba745fd9c4ee8d59db8a51b65f1005250f147e53b83e8ac1acf8
aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952
ab0434433ee1381ea64150ded53179214f675203c4879c8cf6673a6251b3a501
ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3
aca409e8a5e186422befa4b70ac53afc6c0a183c52789a9a6e4e5a74e101735e
ad6d6040ca18fd1009d68ffeca180c0b0d2adb36f3555a7fed83ccb7e00ad52e
b0c35bc05abb647a7ac7453f61e4d21001edb687c45aa6e5d1657f40152ea2a1
b0d037b4cb66ac6403cd0d302904cf2b80fd8deb44189725fbd02d1b12588b2e
b0f7617eba5fee3dd731a13aa013d8860b9b7093599fff26ee0ac213ebe80cdc
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b122668cf7bc7f858a7fcb3089d34e181550cb6f9acdd1f6b6ff160849e4b061
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18867d40b9b5acdc882603ce001beaf7ee9e73d6f768e178bee089136dd8561
b3bc87f36189128324553379012da869ef88015dbf6a9e33535bdf09de771083
b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59
b7c1b2cc0ac5176af535ffff39f253da6757b27d98ca1a6360576781acb21d0e
b80a690b470acfdeed3e8f62297dec976dcd9edc2e92f0d4da0b20ef43aad6b6
b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37
ba11710aa7fcd74966de3e79dfa0e8a547cb9858dd7569a9fae3be00fb803943
baab6a08519a141264c31d8f527b0519cfc15674819b3f658786d6ec9524cd0e
bfd84ae265e88d7fa9f5d4c3afb7acd3807cddcb386633824452346fac0218b8
c0093d5475d8711d99796e4117710b50919b43b19e9e0caad7561d5292f6e64b
c0830ef21d7158fbde0316ae588e121d0fe6721e3bd43bd4457d411b12e23ba9
c15113fa01b194ad2604e6adfc0681ee08a07f780c62e1cb72a303ad27714c17
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4
c2bca8264d1f12612815bbdedb575e9418cd84b12f2e793a20a5a0d5d724fa11
c3166828a8e6039ad84ff8a775d57fbc52b7715f15f19c6d9c444ad0b917436c
c378872b59bf55dbeff2c762612827049cf63ee3008a1e1602c36d1b213fd142
c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb
c410c9c41c55903e0c2f21b699e8485848c9b3587acc3af141a2077dba012b6e
c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5
ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb12453c515c5a23efabb8576166f64d97147fcb7c4b84f68c021e99057b8ae7
cb66accd765c5996e132fb8ed13a083159662c1c4d6f6888a5917299332a9556
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cdc9b8b9b72db5c97cf6a83a97fe088f75be547a904d1f1a30b478b27bc54e11
ce02f63df1192e76c52df28c9fefe73683c7eebeccb01eed81f247a7aa09caf5
ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4793b754e750d6c2971bc444686c006ad5f482c37e67a7afaf21525120766c
d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6
d17e88dc68df9445e56e8fc6f50ff4ee7b3c53c2a7f9af78ff7e797345b7f61b
d1e8f703775a514b9d8dab40d9471e5d79823f0684afd344ca198d1ced39f791
d60841f72fb04af252ea45d2d13bd4e551126633709556c16492624bc1454eb4
d6c1d10b5b88d94c94a977027e4472f336da6f23ce32a018b16f3f2a5c76c9a0
d7a71d3dd740e95755227ba6446a3a21b8af6c4444f29ec2411dc7cd306e10b0
d7ce0d4c3737b9ef342a61027da102f3745661ec3d27155274ae0c22f14e4c15
d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb
d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d9f8d555b90fe329613de68e047d5a8fb0db0e955f41aa064dd15ceb812c4ca9
da095982f14545c855e8fccf2e70af30b165aa99cee7a6b3811d9c5ab71ee22e
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
db3ca4a564b5eb85bd17a7366b1095f8012e1312bf9a88d806d9253c487a3a7a
dcd865aa494a57d8409f69a8f47b719cbf23c0c6b5796664d6ce5e1303acf35f
de5fe79b857e112e3bab6257971923ce2effe44d527e2a204639935b702f51e4
de6f19cbf83bc8d56af5e96a2abc1d37254aa64e1f3cb419f6a4a0526aa3de15
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e140a3124ae30a817cdd0ed4e99329fb4bebe5a89b437793966b49bfd5d3c521
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e29c6aa5d1f53b5910f95e002622c14b705081d66f3bc0b2df06a9dd3b1b12cb
e2f8f1a96e17a5966d8577697e0f1cf140712a4230f8f0eee311b3dd2811e463
e35164233b8286bbbe477340b47c3cff4d5e3b50364babdc06648d998a0c8176
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4da1a45ed746764f7043a54f5c78ac0840286859eddb34428d87f941d351c36
e4f6c6576d71bd557785071ed53634304d9d61580ab81bf6b21c0d5e910b71ca
e60ddf53483a699a802aff60e3a086db0e8b87877e960b89b069c393a5308bbd
e6ca8b2824b23a600f1c53ee766abbb95a0e9dd0b1275068034aaa03a4903daa
e72acdf91f8d161d9b017bb63df58eb9e14666ecc3f7b3e66877458d10f272ac
e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7
ea5cb5c192a3478fe2766d2401fa6bd46a6fe23b9bfc2034d0a54c9fd3088a39
eadf6373b403bcb2d38a5731648b6d8783a1b62d2ae14f8ca885a6649450d648
eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945
ed3fd39c483344b8aee3d71b580e27fe15c0a632d2deae52b16d79565d6ffbca
edd375cae26623e4e143ec6cf6be7cd91721fd1c11bce7ebdf44e7f6698b6d64
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b025141ad7acf44c398e0f97eb1f60571ecbcd23394c1c546c97ef83c726ed
f14e51ecf64cf84a4da58729073f507efb796be77f90879b1d3d1c58d775e5f6
f170132b9335201ad04d67c5ec2907b00d2a91dcac5d05bd9fe81de098dcec8c
f1fb4cf4aace7e9d5bc9896c934708c2b09bc05a783ceb3721c898e0c508a148
f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15
f3d2f4149cda1cd4febb0f8a1281a9ac590c2e6521892648e246d1d18eb01f5e
f49b4a693887bb7f3e7dfd9e6d3ab522c0f9db91ff521f9e88526dc819682fba
f5c4b80f8fb164da563570c43bfdeeb83477c65bc1b64dbd01a05d0ec16b4369
f6b5f293b88c1045f30b4b3791972c0fb9b2ee66d0b5e4389cbc18589565ed99
f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134
f97e964ecfd954290ab7a16bb20cd0f800c3f8ba214f8ebcb982332168efc418
fa6eb626ec49433f004b579ce94c3b4fe0dda0bafff918fe244f8c2d4413c2a6
fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9
fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251
fd0c282cfd620e7ad9c50bd0df45d66fa708388329fd0900c17d46842991b2b0
fd3c5e931997685edd6b40a5aaee81c19cdcbeba459fa44aa09137d75b2bcf63
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
ffad36979d3e4da739e3e97198cc676a4a8929e291893df2311774da9ddd6839

vip.disksusiangka.info Open in urlscan Pro 172.96.191.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

2935 Requests

78 %HTTPS

30 %IPv6

73 Domains

89 Subdomains

53 IPs

9 Countries

191752 kBTransfer

307185 kBSize

84 Cookies

49 Outgoing links

Page URL History

Redirected requests

2935 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 65 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vip.disksusiangka.info Open in urlscan Pro
172.96.191.134 Public Scan

Screenshot
Live screenshot

Full Image

2935
Requests

78 %
HTTPS

30 %
IPv6

73
Domains

89
Subdomains

53
IPs

9
Countries

191752 kB
Transfer

307185 kB
Size

84
Cookies

2935 HTTP transactions
65 data transactions